Principles of an Effective Cybersecurity Strategy

According to MetricStream’s, ‘The State of Cyber Security in the Financial Services Industry’ report, around 66 percent of financial services institutions have faced at least one cyber-attack in the last 12 months. The cost of this can even result in a complete shutdown of the business."

Click To See - 10 Live Hacking Tracking Maps

Why Hybrid Cloud Delivers Better Business Agility

Why Hybrid Cloud Delivers Better Business Agility

A CIO friend of mine once told me that a hybrid cloud model enables him to “own the base, rent the spike” when it comes to unplanned events. Let’s face it – maintaining unused infrastructure for rare or random IT events is expensive and unnecessary in a cloud world. These same resources can be rented from a public cloud provider on standby and can be a far more cost-effective way of handling the “peaks” of any IT load – as long controls and mechanisms are in place to ensure that policy, compliance and security requirements are met. Using a hybrid cloud model to leverage the public cloud as a failover platform in the event of a disaster or to handle other peak loads due to a seasonal or unexpected event is an excellent way to manage IT costs while maintaining business continuity and availability of the systems.

Friday-Comic

This all makes sense but it is not the norm out there in the marketplace. Hybrid cloud usage is still in the minority and our research at Cisco shows that over 75% of organizations don’t have an effective private cloud up and running – never mind hybrid enabling it. There is a clear dilemma here. Today more than ever, CIOs are tasked with creating technology strategies that help their organizations achieve positive business outcomes. At the same time, they must be mindful, because new technologies or services may introduce risks around security, choice and control. In turn, this can create an inaccurate impression that IT is slow to respond, often says “no,” or is out of touch with the business.

There is a solution. The flexibility, security and policy management of today’s hybrid private/public clouds can help the CIO quickly respond to the needs of line-of-business leaders and changing market conditions, transforming IT into a business innovation driver. With hybrid clouds, organizations can enjoy both the level of control offered by on-premise private cloud solutions and the freedom to choose public clouds for other workloads.

Securing Control

control

Because a hybrid cloud requires integration across private and public domains, control becomes a critical issue. Consider how to control customers’ personal information and infrastructure to minimize security risks, as well as how to manage operational processes to optimize the use of in-house resources and customers’ experiences.

When evaluating hybrid cloud solutions, here are a few questions to consider:

  • Will I be able to manage security of my workloads and secure business critical data in my hybrid cloud’s public domains?
  • Do I have the right resources in-house to operationally manage the implementation across my hybrid cloud?
  • Can I keep the same policy control over my workloads no matter where they are running?

Answering these questions can help ensure you are controlling your hybrid cloud and not the other way around.

Maintaining Flexibility and Choice

choice

(Image Source: Shutterstock)

When crafting a hybrid-cloud strategy, it’s also important to allow for plenty of flexibility in your plan. That way if you need to change vendors or solutions down the line, it will be less painful. Here are some other things to consider when evaluating vendors to build your hybrid cloud environment:

  • Am I choosing the cloud (or cloud provider) that best suits a particular workload and my business requirements?
  • What if my needs change?
  • Do I have a contingency plan?
  • Am I choosing the best public cloud provider for the right type of cloud (i.e. SLAs) for my hybrid cloud strategy?
  • If it isn’t right, then what are my options?
  • Can my private cloud interact with multiple public cloud services?

As CIOs consider the answers to these questions, they have the opportunity to maximize their choices when it comes to their hybrid clouds. Then they can be true brokers of IT expertise and services, making the right decisions at the right time for their business.

Dev/Test and Capital Optimization

There are two other key benefits for this open, secure, policy centric approach to hybrid cloud – Dev/Test and Capital optimization for innovation projects.

While initially a concerning thought for CIOs, the ability to use public cloud resources as an application test bed or, even better, a resource to plan for unexpected success is the killer app of the enterprise cloud adoption. The ability to develop and test applications at scale – yet fully isolated from live workloads in an environment that is 100% identical to the production environment – is the best way to manage an application lifecycle. The cloud offers the ability to do this testing at scale, without the risk of impacting your live workloads and at a fraction of the cost of running a duplicated data center. The only challenge then facing the CIO is how to ensure that the testing application runs with the same policies and configuration as the home data center and how to bring that workload back into production with minimal disruption. Having the same constructs, policy management and networking hierarchy capabilities on both ends of the wire will be a critical component to the success of using this hybrid cloud model.

Finally, VCs insist that startups spend their venture funding dollars on developing innovative and differentiated solutions for their customers, instead of focusing on non-differentiating capital expense activities. This same theory should be applied to large organizations supporting their developers. Using the public cloud to plan for unexpected success, or failure, is a great way to manage IT expenditures while encouraging innovation. With lower cost and increased access to resources made available to the lines of business, any developer with an idea can now test their solution out without the barrier of IT costs factoring into the initial phases of development. This type of capability encourages more innovation within an organization as more ideas can be tried out as the risk of failure is minimized. That said, when the business case is proven, most businesses will want to bring that workload back in house. Having the ability to do so with the least amount of impact to the application is critical. Choosing a hybrid model that lets your public and private resources interact seamlessly could be the single factor between failure and success. Again this is one of the key design criteria for our Intercloud model.

By evaluating and implementing hybrid cloud solutions, CIOs can take control of the decision-making process and introduce a new level of agility and flexibility to their business IT operations. No longer will IT be considered slow or seen as in opposition to change, but rather the team that becomes a genuine partner for corporate innovation and enabling digital disruption.

For more cloud insights for IT leaders, visit Cloud Executive Perspectives. Be sure to follow @CiscoCloud and use #CiscoCloud to join the conversation.

By Nick Earle

About Nick Earle

Nick Earle leads Cisco's global Cloud and Managed Services Sales and Go To Market (GTM) strategy.

Previously at Cisco, Earle led the Worldwide Services Field organization, during which time its revenue grew to more than $10 billion. He also has led the vision to deliver new business models, solutions, and strategic partnerships in the Global Enterprise Theatre. Prior to that, he was responsible for the European Services Sales business in 20 countries. Common to all roles, he and his teams have continuously helped customers solve their toughest business challenges, and enabled our partner community to improve their profitability, using Cisco technologies and solutions.

Prior to joining Cisco in 2004, he served as CEO at StreamServe Inc. and as President of EMEA Operations at Ariba, as well as CMO for Hewlett-Packard's $35 billion enterprise computing business. He is also a recognized authority on emerging business models and has co-authored two books: Mesh Collaboration: Creating New Business Value in the Network of Everything (2008) and From Dot.com to Dot.profit (2000).

Earle holds a first class honors degree in computing and an honorary doctorate in computing from Liverpool University in the United Kingdom.