259 Fairport Village Landing, Fairport, NY 14450585-377-8910info@campbellnetsolutions.com

IT Managers

3 Tips for Making Better Investments in Security

3 Tips for Making Better Investments in Security

This is obviously a big topic these days and it’s almost getting to a point where I feel like this is overshadowing discussions in advancements in Wifi, VoIP and other network technologies on which most of us have spent the majority of our careers focusing. That said, I think it’s safe to say that, until we get to a point where we don’t have to worry about it (don’t hold your breath), security is going to be the talk of the town – especially as more and more of our information is being moved onto servers somewhere “in the cloud”.

I found this article interesting for a couple reasons – first, I think the three points they pull out here are good ones to note. But even more, I thought that the paragraph from the article quoted below brought light to a different perspective: as security becomes more of a strategic focus than just something that’s discussed during IT staff meetings, we need to make sure that focus is developed into the larger business model and and not based solely on a small group’s experiences and biases.

“One would think that as information security matured from back-office function to a more strategic role, CISOs’ approaches to portfolio prioritization would have followed suit. However, that’s not necessarily the case. Speaking with dozens of IT and security leaders, we found that most approaches to making security investment decisions are largely subjective. Too often, they’re based on personal expertise and credibility rather than systematic processes and business value metrics.”

The rest of the article is well worth the read as well. It’s linked below so read and enjoy!

Information security’s role is becoming more strategic, but its approach to making investment decisions hasn’t kept pace. To better align security investments with enterprise strategy, IT and security leaders must stay focused on the right risks, add rigor to decision making processes, and give stakeholders opportunities for input. The kids are back in school, the leaves are changing color, and the days are growing shorter – all signs it’s time for IT leaders to start thinking seriously about next year’s budget. One key issue that CIOs need to consider when drafting their 2018 budgets is how information security’s role is changing within the organization and how best to support that change. IT and business leaders need information security to take on a more strategic focus; but so far at least, its investment priorities haven’t followed suit. As organizations transform their business models to support new digital products and services, information security will increasingly adopt the role of “digital business enabler.” That means finding new ways to help business leaders take smart risks with information technology in pursuit of new growth or competitive advantage. This will change the way organizations deliver security, the skills and tools security teams will need […]

Read More
12 bad habits that slow IT to a crawl

12 bad habits that slow IT to a crawl

It seems like the more that we learn, the more we realize that the most effective key to security, productivity and practice in this world of “Modern IT” that we live in comes down to training, process and procedure. Again, we see here that the reasons that your IT department is too slow boils down to the way that the people either manage themselves or are being managed by their superiors.

Take a look at the list of bottlenecks in this great article from CIO.com and let us know if you see any of these issues applying to you and your department.

It’s time to face a cold, hard fact: Your IT department is too slow. It’s the result of good intentions gone bad, but in business, intentions don’t matter. When is IT too slow? Whenever any part of the business has to wait for IT to deliver the goods, that’s when. The magic buzz phrase these days may be “time to value,” but the true guiding principle is “ahead of your competitors.” If IT keeps that from happening, you can bet your organization’s business executives have lost patience with you. [ Beware the 12 ‘best practices’ IT should avoid at all costs while heeding the 9 forces shaping the future of IT work . | Get an inside look at 10 real-world digital transformations . | Get the latest insights by signing up for our CIO daily newsletter . ] Want to speed up your IT department? Start by getting rid of what slows it down — in a word, its bottlenecks. Here are a dozen places to start your search. Ignore at your peril. IT bottleneck No. 1: Governance Committees are the old governance. As governance sets the pace for everything IT does, and committees slow down everything they […]

Read More
IoT security for healthcare is in critical condition

IoT security for healthcare is in critical condition

It seems like collectively as an industry, we’ve determined medical and healthcare information as one of the most important segments of data to protect, and rightfully so. As medical IoT starts to become more and more standard, now we’re not only protecting people’s personal data, we’re now responsible for protecting their actual health and, in some cases, their lives. Is that something that network security managers are ready to take on?

IoT security is a headache, a mess and several other flavors of annoying for any enterprise, but in healthcare, it can be literally life and death. Compromising any connected device has two main consequences – one is to enlist devices into a botnet, like the security camera-capturing Mirai, and the other is to offer a passage deeper into any infrastructure the device is connected to. +ALSO ON NETWORK WORLD: What is IoT? + Bluetooth Mesh takes aim at enterprise IoT, but hasn’t taken flight But medical IoT poses additional security risks. For one thing, connected records systems and anything that contains personal information are attractive targets for identity thieves – your Social Security number is all over your medical records. Compromising a medical IoT device and pivoting to other targets on the network could result in a breach of these records, researchers have found . Under certain circumstances, an attacker could exercise direct control over medical equipment , with potentially fatal consequences – witness the infamous hacked insulin pump, which first made headlines all the way back in 2011. The key difference between traditional security and IoT security is visibility, according to Xu Zou, CEO and co-founder at IoT […]

Read More