Please complete all required fields!
IBRS iQ is a database of Client inquiries and is designed to get you talking to our Advisors about these topics in the context of your organisation in order to provide tailored advice for your needs.
Read more ...
Conclusion: To respond to the digital world challenges, many organisations are transforming their operations to multi-Cloud to reduce cost, improve service efficiency and contain business risks. As a result, the multi-Cloud availability has become a critical success factor. In some cases, multi-Cloud complex architecture weaknesses have resulted in service outages and allowed ransomware attacks to severely impact business operations. The new generation ITSM tools provide effective backup and recovery facilities that are worth investigation to mitigate multi-Cloud exposures to failure.
Background: The federal government has finally unveiled its cyber security strategy. The Australia’s Cyber Security Strategy 2020, released on 6th August will see $1.67 billion invested in a number of already-known initiatives aimed at enhancing Australia's cyber security over the next decade. IBRS provides their key takeaways from the strategy.
Most of the funding for the Strategy 2020 is from July’s announced $1.35 billion cyber enhanced situational awareness and response (CESAR) package much of the Strategy details will be contained in legislation to be put before parliament.
taConclusion: Ransomware attacks are becoming increasingly common and Australian organisations have experienced several high-profile incidents in 2020. While the preferred option is to recover from backups, organisations may find that this is not feasible either because of the scale of the compromise or that backups themselves are compromised. While the decision to pay a ransom is complex and poses significant risks, it should be explored in parallel with the recovery from backup.
Conclusion: The traditional IT service management (ITSM) tools have allowed IT organisations to automate key IT processes (e. g. incident management), promote service management disciplines and meet service levels in the majority of cases. However, they were not designed for multi-Cloud management. The new generation ITSM tools address the essential multi-Cloud requirements by offering:
IT organisations should assess the cost-effectiveness and relevance of the new ITSM offerings to business operations improvement1.
Conclusion: Many vendors, consultants and managed service providers are pushing ‘security information and event management’ (SIEM) as a panacea to security failings. The intent is correct. Having visibility of what is or has happened in the infrastructure is essential to detecting and responding to intrusions.
What often gets glossed over is that SIEM is a tool, not a complete solution in itself. Deployment requires deep engagement with the IT operations team and a clear vision of what is expected from the SIEM. The vision will be driven by how SIEM will be used, what outcomes would be expected and how its use would evolve over time.
With careful planning prior to deployment, some, if not most, of these issues can be addressed.
Conclusion: Despite increasing focus on information and data in an as-a-Service age, thought leadership in the data management discipline has waned. Today, few of the frameworks, methods and bodies of knowledge that emerged either from the data modelling fraternity or the records management community in the last decade remain active.
This leaves organisations seeking to address the impacts of increasing privacy regulation, cyber security risks from increased digital delivery or improving data integrity to support automation with only one real choice – the Data Management Association (DAMA)’s Data Management Book of Knowledge whose 2nd Edition (DMBoK2) has emerged after almost three years of international collaboration.
Despite the wait, DMBoK2 provides a much-needed update on an already solid foundation addressing contemporary issues with the exception of fully addressing the challenges of data science in its broadest form. Organisations seeking to comprehensively address data management would be well served by adopting DMBoK as a foundational model, thereby ensuring they have a single point of reference regardless of the specific outcomes or priorities that need to be addressed now or in the future.
Login to read your premium content.