International Data Privacy Laws

51 companies tell Congress it’s time to tackle data privacy

Amazon, AT&T and Qualcomm are among those involved The corporate world isn't waiting around for Congress to get started on tougher data privacy laws. A group of 51 CEOs from the Business Roundtable advocacy group, including tech companies like Amazon, AT&T, IBM, Motorola and Qualcomm,
/
Reuters news

EU court says Germany has to notify EU of copyright law targeting Google

BRUSSELS (Reuters) - Google won a victory on Thursday after Europe’s top court said Germany has to notify the European Commission of a rule allowing publishers to demand a copyright fee from the U.S. tech giant for using news snippets. The case underlines the battle
/
GDPR Compliance

Avoid Breaking the Bank to Protect Your IT by Automating These 3 Departments

Protect Your IT by Automating

In the big data world, companies have more information than any human (or team of humans) can consume. New software arrives every minute, servers go up and down, data streams in, and businesses still expect their employees to catch every security issue amid the chaos. It’s like asking employees to find a needle in a haystack — but there are millions of haystacks, and tornadoes hit every 10 minutes.

That’s why automation in a cloud environment is essential to preserve security without creating exorbitant personnel costs. No one can keep up with the pace of global development unassisted. Rather than let employees trudge through these complex systems looking for threats, businesses need to lean on automated systems that can lighten the load so their employees are able to act effectively when a threat is detected.

The current state of cloud security, while inadequate, is understandable. Back in the days before big data, companies were better off relying on human eyes to catch errors and plug holes. Today, though, things move too quickly. Companies need automation to keep their data safe — and they need it now.

Save Time and Money by Automating 3 Departments

Businesses can minimize their risk and keep their systems secure (without breaking the bank) by automating these three departments:

1. DevOps Group (Front End)

In the past, businesses set easy security goals — “Don’t let bad guys into the network!” — and the network team made it happen. Now that many enterprise applications are on the public internet to provide self-service options and other benefits to the workforce, vulnerabilities and attack vectors are more complex.

Security automation begins in concert with the development life cycle. As the development team builds systems, members of that team should prioritize system security as highly as they do functionality.

Automation tools keep track of this process automatically, ensuring no new system goes online without a secure foundation. Most savvy companies already automate development security to some degree (the DevOps Diagram Generator from XebiaLabs is a great way to create a process with the right tool set for safer deployments), and those that don’t automate place themselves at the mercy of hackers. Fixing holes after they’re exploited won’t do much to help a business — it only takes one breach to cause significant damage.

The cost savings of one breach with a full security team versus no breaches with automation are massive. Automation reduces security headcounts by about a factor of three, and every breach can cost a company around $148 per record accessed. The personnel costs alone are motivation to automate; the potential consequences even more so.

2. Infrastructure Group

Once the development team deploys something, it’s up to the infrastructure team to provide the shield. Here, rather than ask teams of coders to spend weeks matching server configurations and firewall setups, companies can turn to automation to keep their infrastructure safe at a fraction of the cost.

Businesses should look at the resources they dedicate to server setup and network maintenance and then ask themselves how much of that work could be handled by machines or even infrastructure as code. Infrastructure teams would be free to handle more delicate tasks, companies would save money, and environments would be safer from intrusions. With automated infrastructure management, everyone wins.

3. Production Environment

In cloud systems with production environments that are always active, automated tools can present security events to users in ways that allow humans to act on the information quickly. Automated tools can interpret all the tiny data points that would take humans years to read and sound the alarm when something isn’t right.

As hackers increasingly turn to machine learning to penetrate systems, IT teams will need to use new technology as well — and the first step is centralizing the production system on the cloud. Back in 2017, Gartner estimated 18 percent year-over-year growth in the cloud services market, and if today’s trends are any indication, that number will only get higher with each passing year.

Rather than attempt to wrangle multiple environments, companies should centralize their processes to keep customers (and employees) in the same multi-tenant environment with better segmentation for security. This makes scaling easier and safer to achieve — a configuration in one environment becomes much easier to implement in others when everything works together.

Security automation catches more threats, saves companies money, and makes customers feel safe. What’s not to love? As data threats loom ever larger, businesses must turn to automation to provide the tools they need to fight back.

By Brad Thies

  • Recent Articles
Brad Thies Contributor
Founder and President of BARR Advisory
Brad Thies is the founder and president of BARR Advisory, an assurance and advisory firm specializing in cybersecurity, risk management, and compliance. Brad speaks regularly at industry events such as ISACA conferences, and he is a member of AICPA’s Trust Information Integrity Task Force. Brad’s advice has been featured in Entrepreneur, Small Business CEO, and Information Security Buzz. Prior to founding BARR, Brad managed KPMG’s risk consulting division. He is a CPA and CISA.
follow me
CA Technologies

CLOUD PARTNERS | SPONSOR SERVICES

The Cloud Debate - Private, Public, Hybrid or Multi Clouds?

The Cloud Debate – Private, Public, Hybrid or Multi Clouds?

The Cloud Debate Now that we've gotten over the hump of whether we should adopt the cloud or not, "which cloud" is now the center ...
Sekhar Sarukkai

A Closer Look at Insider Threats and Sensitive Data in the Cloud

Sensitive Data in the Cloud A recent survey report conducted by the Cloud Security Alliance (CSA) revealed that  sensitive data in the cloud had reached ...
Mark Casey Apcela

Industrial IoT will reshape network requirements

Industrial IoT The hype around IoT may have been surpassed this year by breathless coverage of topics such as artificial intelligence and cryptocurrencies, but there ...
Daren Glenister

Countdown to GDPR: Preparing for Global Data Privacy Reform

Preparing for Global Data Privacy Reform Multinational businesses who aren’t up to speed on the regulatory requirements of the European Union’s General Data Protection Regulation ...
Scale your Windows Azure application

Satellite connectivity expands reach of Azure ExpressRoute across the globe

/
Staying connected to access and ingest data in today's highly distributed application environments is paramount for any enterprise. Many businesses need to operate in and across highly unpredictable and challenging ...
Firefox is testing a VPN, and you can try it right now - It’s part of the revitalized Firefox Test Pilot program

Firefox is testing a VPN, and you can try it right now – It’s part of the revitalized Firefox Test Pilot program

/
Last week, Mozilla said its Firefox browser would block third-party trackers for everyone by default and yesterday, Mozilla announced a new product that could give Firefox users even more privacy ...
NYT

How Each Big Tech Company May Be Targeted by Regulators

/
Amazon, Apple, Facebook and Google have been the envy of corporate America, admired for their size, influence and remarkable growth. Now that success is attracting a different kind of spotlight ...

TRENDING | TECH NEWS