Tag Archive | Predictions

2019 Security Predictions – “Ensure the basics are BRILLIANT”

Happy New Year and I hope the festive break was “a break”. Some continue to work throughout the festive season (or the global economy would meltdown), but for many back to work for 2019 started in earnest this week. I have so far avoided 2019 “predictions”, “prophecies”, “educated articulation of interesting stuff” to date based on so many of them circulating the social media and email landscape. However, a fair few messages asking for a perspective on the networking and security world for 2019 have stimulated me to scribble a few words.

And here comes the shock, I will be quite boring with my summary of the market and technology impacts for 2019 (well at least the first half) because I will continue to encourage to all who will listen that the most important edict they can institutionalize in their own psyche and the organisational operational IT approach is to ensure the basics are “brilliant”. Modern business should only have a single state, secure business with an unintentionally insecure environment almost unthinkable in the digital age. As the creation, processing, analysis and management of digital data streams continue to underpin and energize both user and business outcomes an intentionally secure by design philosophy is the only way to stem the attack tide.

Security isn’t the task of security professionals alone, but every application or system user with a level of consciousness about the consequence of breach or failure must now acknowledge “intentional security” is the responsibility of all.

Ensuring the basics are brilliant, with security controls mapped to business activity, outcome and consequence, with auditing and automation leveraged to optimize operations will increase the level of certainly of a user or organisations security posture.

·        Privileged account security

·        Multi factor authentication

·        Managed encryption.

·        Vulnerability management PLUS

·        Identity management PLUS

·        Enterprise anti phishing with associated user education

·        Intelligent endpoint security (user or things)

Can you embrace how boring the list above may seem – hopefully that’s the case. The list above are subset of the “Brilliant Basics” that MUST underpin the secure defences of all. You are possibly about to click away from this screen buoyed by the view “we have got all of those” and that may be the case. But even with great guidance from Cyber Essentials, CIS, NIST, etc many organisations I meet are a snippet of “luck” away from a comprehensive breach due to absence, failure or poor execution of the controls above with the negative consequence avoidable.

If there is no auditable and actively managed operational state of the items mentioned above integrated together to ensure security is seamless, intentional, proactive why consider the wealth of advanced and esoteric new products showcased daily – get the basics right.

So my 2019 ask so early in the year is to be brutal and rigorously appraise the brilliance of your “basic” security controls. Are they operational consistent, audited, integrated, holistic, bidirectional from an information and threat exchange, automated where possible – score your current state.

Why make it easier to be breached when organisations highly engineered, often very expensive, operational complex defences fail due to the failure to control the controllables or optimise the known basic elements.

Until next time.

Colin W

Twitter: @colinwccuk

LOB CTO – Networking and Security Computacenter UK

Note: This perspective is the viewpoint of Colin Williams and does not constitute an opinion of Computacenter Group.

Workplace IT predictions for 2014

computer-shopper-crystal-ball

Well it’s that time of the year and no well-meaning blog would be complete without some predictions for the coming year. I canvassed some of my team for their views so that we can look back next year and see if they have potential parallel careers as fortune tellers!

First up is Paul who thinks we will see lots of continued uncertainty in the Mobile OS market, with a surprising upswing in Windows Phone and fight back by Blackberry to maintain adoption in Enterprise – that won’t be matched in the consumer world.  Somewhat polar to market commentary and headlines – so something to keep an eye on!

Next up is Pete who believes SSD (Solid State Disk) will become standard, across all traditional PC client devices. The cost difference for spindle and solid state has reached such a small difference that the performance benefits and reduced failure rates will outweigh this small price difference. Hmmm, could be good news for Samsung and Kingston!

Pete also thinks we’ll see the death of the docking station (again 🙂 ) – as we move towards more choice and more mobile devices, the desire and ability for a consistent docking experience will be surpassed by wireless peripherals and connected screens.

Next one up from the team is not necessarily good news for the industry and somewhat inevitable in the climate but there is the expectation that at least one major ‘pure play’ reseller (read no services division) will either go under or get swallowed up in 2014.

David in Services also suggests that we might see a short-fall in available UK resources to tackle the backlog of Enterprise Windows XP users that still haven’t migrated – caused by the product formally going ‘end of life’ in April 2014. Not sure if this is a prediction or wishful thinking!!

Finally, we move to Tina and Software. First prediction is that we will see Big Data move into the mainstream as people stop talking about it and start to use information to underpin their business models. Whilst 2014 will also be the year that we see the number of software vendors used within Enterprise estates increase as a result of the users opting for smaller ‘app like’ line-of- business tools and not the over specified and under-utilised tools they have today.

Personally, I think that we will continue to be ‘S.M.A.C.ked’ (Social, Mobile, Analytics and Cloud) as a major theme and as the “nexus of forces” continues to empower users through technology and information it will make 2014 disruptive and stimulating for everybody involved in Workplace IT.

So there you have it, down in black and white for judgement next year. I’d be really interested to hear your own predictions for the coming year (related to Workplace IT of course!)?

I hope you have a great Christmas break, and see you all in 2014!