Skip to main content
uk

  • Increase Speed to Market
    Deliver quality quicker by optimising your delivery pipeline, removing bottlenecks, getting faster feedback from customers and iterating quickly.

  • Enhance Customer Experience
    Delight your customers in every digital interaction by optimising system quality and performance to provide a smooth, speedy and seamless user experience.

  • Maximise Your Investment
    Realise a positive ROI sooner and maximise your investment by focusing your energy on high-value features, reducing waste, and finding and fixing defects early.
  • The Wellington City Council (WCC) wanted to deliver quality outcomes without breaking the bank. Find out how Planit’s fast and flexible resources helped WCC achieve this goal.

this is a test Who We Are Landing Page

BANKING
Banking like a start-up.
MEDIA & BROADCASTING
Capture your audience
EDUCATION
Do your systems pass the grade?
MINING & RESOURCES
Innovate with confidence.
GAMING & WAGERING
Game day performance.
 

Security Will Move to a Converged Approach

By Ferdinand Hagethorn | Senior Technical Test Consultant

INSIGHTS // Articles

19 Sep 2017

#Security|#Technologies|#TestManagement

INSIGHTS // Articles

#Security|#Technologies|#TestManagement

By Ferdinand Hagethorn

19 Sep 2017

Technology is converging. Adoption of Internet of Things (IoT) devices is growing exponentially and these devices are being increasingly leveraged by information technology (IT) and operational/industrial technology (OT). Buildings and homes are also becoming “smart” and “connected”, with surveillance systems, thermostats, door controls, and heating, ventilation, and air conditioning (HVAC) being connected and going to the Cloud.

Security Will Move to a Converged Approach

Attackers are very adept at finding cracks in any defence. They don’t care if it’s a crack in physical security, industrial control systems, or classic IT environments. They focus on where they can inflict as much damage as possible.

Security leaders and vendors have to start looking at the entire security risk. A breached laptop can be used to hop over to the chlorine controls of the hotel swimming pool and inflict real-world damage to property and people. It’s not only about protecting the contents of the laptop, but also the access it has to whichever network it is attached to. A siloed approach needs to be replaced with a holistic one.

Here are a few questions to ask yourself:

Which are the critical areas in our network?

“Critical” used to mean the valuable data and systems within an organisation. Widen this scope to include people, processes, and technology.

Is there full stack visibility?

You need to know how your business is relying on IT systems and how they’re tied together. Stage two is to find out what lateral movements are possible on your infrastructure. For example, whether it is possible to reach HVAC systems from the network connection of a printer.

Is our response process functioning correctly?

Failing to plan is planning to fail. You need to be prepared should a cyber-related incident happen. This could be a crypto locker outbreak or the detection of an intruder on your systems. If this happens, how will you respond?

Are our systems designed and developed with security in mind?

Resilience, security, and performance are often approached as one of those implied artefacts of infrastructure and systems. Look at the design requirements and check which ones are really connected to security. Making assumptions can lead to failure.

Approach security as a result of proper design. Like a car with crumple zones which, in case of a crash, absorbs the energy of the crash, IT systems should be designed in the same way. The same goes for system hygiene, where a system needs to be maintained to keep everything running properly. For example, the simple act of servicing your car’s brakes can save lives.

Fail-safe or fail-secure were terms initially attached to software. It’s time to apply these to the full stack of technologies which make up your IT landscape.

Secure your environment

The risks associated with system vulnerabilities are substantial. Instead of waiting for your information to be exploited, systems corrupted and brands damaged, you can take the initiative and protect yourself.

We can provide you with in-depth reports into weaknesses that attackers could exploit in your specific system. With this valuable insight, we can then help you secure your systems in the areas of development, use and infrastructure.

Visit our Security Testing section to find out how we can close these loopholes for you.

Join The Discussion
Enquire About Our Services