UK Construction Excellence September

Network systems have
become so complex that
a single malfunction or
error could shut down a
company’s system, exposing
the business to cyber attack.
Even more shocking was the
fact that 60% of organisations
admitted to tracking changes
manually via Word documents,
emails and spreadsheets.
too are the risks and costs as IT security
personnel find it increasingly difficult to
adequately prioritise resources.
Today’s corporate network
infrastructures are highly likely to
consist of multiple vendor firewalls with
two thirds stating they have up to ten
or more, adding further fuel to the IT
security fire.
Network systems have become so
complex that a single malfunction or
error could shut down a company’s
system, exposing the business to cyber
attack. Even more shocking was the
fact that 60% of organisations admitted
to tracking changes manually via Word
documents, emails and spreadsheets.
Where projects that involve
collaboration are concerned, cloud
applications are a useful way to manage
such projects, but can throw up
challenges, specifically regarding where
the security accountability lies. In fact,
more than one third of respondents
stated responsibility for cloud security
falls outside of security operations,
which adds an extra layer of complexity
to security management.
This will require a change management
process to adapt to a faster, more
diverse environment.
Reducing complexity
To better manage the threat from
cyber attackers, the objective has to
be to close the complexity gap – or
the discord between the growing
number of threats, the technology in
place to prevent them and the lack
of cyber skills to keep pace – before
any damage is irreversible. The key to
improving security will be effectively
managing the inherent complexity of
the technologies and keeping pace with
the environments in which they reside.
Now there are fewer security resources
to monitor and manage the increasing
number of technologies used
within organisations. To tackle this,
management technology systems that
utilise automation in a clever way have
been identified as the ideal remedy.
Security management is more important
than ever to remediate the complexity
gap and offers visibility, intelligence,
integration and automation.
Security management adds an
additional layer of protection which
can work in tandem with any firewall,
regardless of vendor, to quickly and
accurately assess risk and control
policies in a centralised way.
Using Automation
A recent study conducted by Forrester
Consulting found that “Managing and
auditing firewall rules on a manual basis
can expose an organisation to greater
risk of a breach, not to mention the
additional time and senior resources
needed to add new rules and address
change requests.”
Organisations looking to reduce the
likelihood of breaches and adapt their
practices to meet networking demands
in diverse collaborative environments
need a global view of their policies that
spans infrastructure types. Manual,
device-by-device management is not
sustainable. Automation will be critical
to enabling dynamic management
– from automating data intake to
automating workflows to automating
intelligence-based action.
As networking evolves to meet the
needs of an “on-demand” society,
security will have to evolve too
or risk becoming a bottleneck or,
worse, ignored altogether. With better
management of security technologies,
organisations can start to realise
the true potential of their security
investments and greatly reduce risk
from data breaches and cyber attacks
that jeopardise large-scale construction
or engineering projects.
By Michael Callahan, a Vice President
at FireMon
39
39