Cyber Security
Practical steps for building a cyber-resilient enterprise
K By Ben Field County Manager, Fortinet Australia
34 | Australian Security Magazine
eeping your networks up and running is essential to your organisation. Without network access you can’t send or receive emails, manage your financials, take on-line orders, work in the cloud or take care of any of the mission-critical applications that drive your business forward. You might need a comprehensive network security solution. But what you really want is business continuity. Cyber security is not an end unto itself. The raison d’etre for your security ecosystem is to ensure business continuity. As such, cyber security should be viewed as a holistic system that encompasses everything from hardware and software through management oversight, network transparency, security policy reviews, staff training and constant feedback. There is no ‘silver bullet’ to protect your network. It takes an arsenal. The more weapons you have at your disposal, the more resilient your network – and organisation – will be. Keeping today’s risks in check is referred to as ‘cyberresiliency’. Cyber-resiliency is defined as ‘a systematic approach for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an organisation's information security to achieve business objectives’ (ISO/IEC 27000:2014). Cyber-resilience is a function of visibility. The tighter the control you have over your network – at the gateway as well as behind the firewall - the better armed your organisation
will be to act fast if (and when) a security event does occur. And the best way to maintain that visibility – and protection - is to consolidate your security and network management operations under a common framework. Cyber-resilience optimises operational management Cyber-resilience and optimised operations go hand-in-hand. You can’t separate them. They are both equally essential to maintaining business continuity. You should be able to see, via a dashboard, exactly what is happening on your network. As you monitor traffic patterns and user behaviour you can see immediately if there are any anomalies that might indicate a security event. At the same time you can ensure that you have allocated enough resource – processing power, bandwidth, etc – to fully support your users as they go about their business. And because you are building a complete profile of network activity, you can create comprehensive reports for cost accounting, governance and compliance. This convergence of operations and security gives you more control than ever over your network and provides an unprecedented opportunity to ensure that your network operates at maximum efficiency with minimised risk.