< PreviousRaghu Nandakumara Field CTO Illumio The larger and more ambitious an IT project is, the harder it can be to get things started. The board is likely to baulk at a budget with too many zeros at the end, and it’s hard to gather enthusiasm for a project that likely won’t see completion. Does this sound familiar? Zero Trust is a journey – and it starts with a single zero-trust journey www.networkseuropemagazine.com 60Adopting a Zero Trust strategy for security is the latest in a long line of IT goals that many organisations often feel are too big to start. Taken altogether, adopting Zero Trust often appears to be a gargantuan task that involves effectively overhauling or enhancing most of the organisation’s security controls at the same time. Even for the largest and most well- resourced organisations, this will seem overwhelming. However, organisations cannot afford to simply shelve the idea because Zero Trust is one of the most effective strategies for protecting infrastructure, applications, users, networks and data; all of which are becoming increasingly diffused through cloud migration and remote working. Indeed, recent research by Illumio found that 98% of UK business leaders and IT decision-makers either already have a Zero Trust strategy in place or are working on implementing one soon. How can organisations get started on the path towards Zero Trust, when the end results seem so far away? Well, as the well-worn Chinese saying goes, “a journey of a thousand miles begins with a single step”. Zero Trust is a journey rather than a destination, a process of continuous improvement that can begin with a few simple steps that any organisation can make immediately. So, what’s holding them back? urney – single step zero-trust journey www.networkseuropemagazine.com 61The common barriers to progress At the start of any major IT project, questions and thoughts will turn to any perceived challenges that the organisation may face during the journey, and the move to Zero Trust is no exception to this rule. In fact, our research found that the majority of IT decision-makers – around 80% – had encountered some form of technological or operational issue around Zero Trust, most often around legacy technology and budget constraints. One of the most common misconceptions is the idea that Zero Trust needs to be fully functional and widely implemented right off the bat. As a result, it tends to be seen as a high-stakes project that must be executed perfectly. Accordingly, IT decision-makers attempt to carve out large budgets and allocate teams of 30 or 40 people to try and do everything at once. Similarly, they will feel that they need to have perfect metadata about their entire system before they can begin. Dealing with legacy systems is another hurdle that can often seem insurmountable, particularly for older organisations with extensive infrastructure. IT heads may feel that they cannot make any major changes to their brownfield environments due to the risk of impacting production applications. Similarly, there is a misconception that Zero Trust is only achievable with a suite of shiny new security tools that will far overrun the organisation’s IT budget. Attempting to create a long-term plan around these issues can be a slow and painstaking process, with IT teams being afraid to act unless they have months of data ready to back up their decisions. These are all valid concerns. Zero Trust is indeed a large undertaking that will eventually lead to fundamental changes to the way IT assets are accessed by users and systems alike. “Eventually” is the operative word here though. In reality, all Zero Trust projects begin with a few simple and quick steps. Dream big, start small The Zero Trust journey is long – potentially never-ending, truthfully. However, it is possible to split this journey into smaller more readily completable stages. Rather than attempting to assemble and execute a single grand plan, it’s best to break Zero Trust down into multiple small projects that, one at a time, will provide value in their own right. To get started, firms should look at the problem they’re trying to solve and assess where they can make the biggest gains for the most reasonable cost. Reducing the complexity and scope of the objectives also reduces the number of obstacles, and the people and budget needed to tackle them. This will make it much easier to secure the initial budget from the board, which can then be increased incrementally as each win provides tangible ROI for the Zero Trust initiative. It can be useful to have a plan together to ensure these smaller projects are integrated effectively, but taking steps enables an iterative approach where plans can be course corrected as things take shape. The Zero Trust journey will be different for each organisation, influenced by their unique infrastructure, business goals and risk appetite. As such, it’s best to begin with thorough visibility and a risk assessment to determine where the greatest security issues are, and where a Zero Trust project might have the greatest impact. Look for quick wins Rather than looking at Zero Trust as some grand undertaking, it can be helpful to simply think of it as a focus on tightening up security controls. With this in mind, it’s possible to start racking up some quick wins to get things moving. Successfully establishing least privilege for example is an essential foundation for Zero Trust’s risk-based access controls, but also provides a quantifiable example to the board of what can be achieved. Zero Trust test pilots can be delivered to small user groups or applications in the first instance. Successful pilots will also build confidence in the security team and show that Zero Trust is a valuable journey that can be completed one step at a time. Regardless of what happens next, a small project like this will succeed in delivering a tangible improvement to the company’s security posture. Taking the first step with the least privilege As mentioned, tackling user access privilege is one of the best starting points. Zero Trust is essentially applying security through the principle of least privilege. This is something that any company can begin making progress towards immediately, without the need to budget for any shiny new products. Better yet, establishing a least privilege approach to access is guaranteed to improve the company’s security standing. Every organisation has some form of directory service, often Active Directory. So, to begin with, they can use this to scope out role and user permission mapping. All users and roles should only be allocated the permissions they need to perform their core functions. Excessive permissions should be removed, mitigating the risk zero-trust journey www.networkseuropemagazine.com 62 There is a misconception that Zero Trust is only achievable with a suite of shiny new security tools that will far overrun the organisation’s IT budget. posed by misuse if a threat actor compromises the account, as well as the potential for malicious insiders. It's common to find organisations only have a handful of different roles, which have been allocated a large swathe of powers and permissions. This is because managing permissions used to be a fairly resource-heavy, manual activity. Today though, it is far more straightforward to automate the bulk of the work, making it easy to create many distinct roles that have the exact access privileges they require. Building upon the foundation to scale up It’s important to remember that Zero Trust is not something that must wait for new up-and-coming IT projects such as cloud migration. After gaining visibility, begin with the least privilege, a principle that can readily be applied to any existing brownfield infrastructure today. Once this level of granular control has been achieved and an automated process for managing privilege is in place, implementing a comprehensive Zero Trust strategy suddenly becomes far more realistic. From here, the security team will be in a good position to start scaling up and expanding the Zero Trust architecture across the organisation to cover more users and applications. Effective automation is absolutely essential here as it is impossible to deliver Zero Trust at scale without it. Finally, many firms will discover that Zero Trust has no real endpoint. Some will hit a certain milestone and decide they have achieved their current objectives, but even the most mature organisations that have travelled their proverbial thousand miles have found they still have more to go. However the Zero Trust journey unfolds, it always begins with a single step. n zero-trust journey www.networkseuropemagazine.com 63Connecting people processes, and things for truly smart smart buildings www.networkseuropemagazine.com 64Kelly Allen Director at Nokia Alliance EMEA Alcatel-Lucent Enterprise ple, and things for art buildings It would be fascinating to know what the creators of the 1919 Téléphone Privé would make of today’s connected landscape. Rapid innovations over the past 100 years have seen us evolve from connecting one private telephone line with another, to the expansive connectivity we experience today. Technology is now a means of bringing people, processes and things together, and in the case of smart buildings, all under one roof. The age of the smart building The technology deployed in smart buildings is developing constantly, but the essence of a smart building and its function remains the same. A building that implements technology in order to use resources more efficiently and economically, while also creating a safer, more comfortable environment earns itself the title of a smart building. No longer is the shell of a building and space inside enough, buildings now provide multiple services which impact business in terms of minimising costs, increasing energy savings, providing enhanced safety for occupants, and automating services for a user-friendly experience. smart buildings www.networkseuropemagazine.com 65The foundation for a smart building At the core of a smart building is a secure, robust, high-performance network, essential for delivering the information, applications, and IoT connectivity that power the building’s operations. Such a network provides the tools needed to meet the business needs of smart buildings, including high- performance LAN and WLAN products and architectures, and network management that provides predictive analytics and supports automation tools securely and efficiently. A building cannot be smart without an intelligent network, without establishing this level of performance, a network will not be able to keep pace with the demands asked of it and will result in inefficiency in terms of time and money. It is essential to think smart with your network in order to lay the foundation for a successful smart building. Innovations in IoT Developments in IoT technology have enabled smart buildings to take connectivity to the next level, linking with existing building management systems to further support the goal of ensuring time, cost and energy efficiency. Real-time IoT occupancy sensors can share information that can be used to automate various processes, including heating, lighting and ventilation to deliver cost and sustainability benefits. Similarly, IoT occupancy sensors can be used to enhance productivity and workflow. Consider instances such as booking a meeting room or workspace with the help of real-time alerts. Monitoring traffic within a building also informs a business as to how the space is used. Using this information, improvements can be made to optimise operations and ensure that heavy footfall areas receive the upkeep and maintenance required. Allowing different systems within a smart building to smart buildings www.networkseuropemagazine.com 66communicate with each other and create an ecosystem makes for smoother, more productive operations with benefits on multiple levels. A focus on security When it comes to security, IoT is in some senses a double-edged sword. On the one hand, IoT enabled sensors and cameras can be used to detect intruders, trigger alarms and alert authorities. While wireless door locks and facial recognition systems provide an extra layer of security protection that isn’t prone to human error. However, increased use of IoT devices also results in increased risk in terms of cybersecurity, as the number of entry points for hackers is multiplied. And in the mission to bring together siloed data onto one network, if a hacker should gain entry, they gain access to everything. Here again, we return to the network, the reliable foundation of the smart building must be capable of handling many devices and the constant transfer of data, without its security being compromised. Smart buildings built for the new normal In light of the events of the past 18 months, smart building facilities have really come into their own, proving their value on a whole new level. IoT use cases such as people density monitoring and wearables to ensure a safe distance is maintained would simply not be possible outside of the realm of the smart building. Temperature tracking and air purifying have become recognisable aspects of the new normal and can be optimally used through smart building technology. Many operations which began as crisis response mechanisms are likely to stand the test of time and become a part of our everyday lives. As such, integrating technology with the way we live and work will see the evolution of smart buildings go from strength to strength. n smart buildings www.networkseuropemagazine.com 67Movers and Shakers Cervest Appoints Lila Tretikov Chairperson of Board of Directors Cervest has tapped Lila Tretikov to lead its Board of Directors. An award-winning senior technology executive, engineer, and former CEO, Tretikov will share her expertise in scaling companies for rapid growth to assist Cervest in bringing its Climate Intelligence (CI) platform and EarthScan product to market. Tretikov is an expert across artificial intelligence (AI), technology-enabled business transformation and climate science. She currently serves as Corporate Vice President and Deputy Chief Technology Officer at Microsoft. Before joining Microsoft, Tretikov was SVP of Engie SA, a multinational energy company, and CEO and Vice Chairman of Terrawatt, a subsidiary focused on altering the Earth’s ecology through energy transition to CO2-negative systems. In addition, she served as CEO and Executive Director of the Wikimedia Foundation and Wikipedia Endowment, the organisation that manages Wikipedia. “Climate is finally on the top of the agenda for boards and governments,” said Tretikov. “Cervest’s platform serves an immediate and growing need for leaders to factor climate risk into corporate operations, capital allocations and corporate disclosures. Cervest will enable organisations to understand and mitigate these risks, improve their planning, and become more resilient in the face of extreme climate events as leaders across the globe forge a more sustainable future.” Powered by groundbreaking Earth Science AI technology, Cervest’s Climate Intelligence platform combines climate data, machine learning and statistical models to present a unified view of climate risk across millions of global assets for the first time. EarthScan, the first product on Cervest’s platform, gives enterprises and governments on-demand access to current, historical and predictive intelligence on how combined climate risks can impact the individual assets they own or manage. “Lila’s experience is incredibly unique,” said Iggy Bassi, CEO of Cervest. “She brings to Cervest an important combination of climate and sustainability knowledge coupled with technology and AI expertise. She understands the strategic and operational issues CEOs face and shares our vision that Climate Intelligence will one day be at the core of all business decision-making. Her leadership will prove extremely valuable as we bring the Cervest platform to enterprises and governments worldwide.” n Kalam Meah Joins TP-Link to Spearhead ISP Division TP-Link has announced the appointment of Kalam Meah as its ISP Director for the UK & Ireland. Kalam joins TP-Link having spent the last 20 years working in various positions in telcos and vendors including Orange, T-Mobile & ZTE, amongst others. Experiencing the procurement process from both sides of the fence, Kalam brings with him a unique knowledge, insight and understanding of how to bring products to market that anticipate, direct and deliver against customer requirements. As ISP Director, Kalam will be responsible for TP-Link’s ISP division and ensuring that the Service Provider community has access to the best possible devices at the most competitive prices, with a service wrap based on responsiveness, flexibility and excellence. Commenting on his new role, Kalam said: “As the leading provider of network devices into the consumer and SMB space, TP-Link is one of the companies in the technology ecosystem that enables the future to happen. It is a pleasure to join this dynamic, proactive, flexible and customer-friendly team that is fully committed to the goal of becoming the number one vendor of choice for the Service Provider community. This realistic and achievable goal is what really excited me about the role at TP-Link and the challenge of making it happen. “The pandemic and lockdowns have focused everyone's minds on connectivity, both in the technical sense of being connected to the web, but also in human-to-human coming together. Historically speaking, it has been through new types of connectivity that social and material progress has been made whether it was the road system from the Romans to the canals and railway systems of the Victorians. We are at the beginning of another transformative connectivity revolution which will be fast and dynamic, giving rise to a great number of things that will change people's lives for the better. Being part of this great wave of positive change is something I'm truly excited to be involved in.” n Mayflex Appoints Sarah Lang Mayflex, a distributor of Converged IP Solutions, has appointed Sarah Long as an Account Manager to manage and develop accounts in the North West area of the country, with a specific focus on the security product portfolio as part of the converged solution. Sarah Long has joined the business from Norbain, so fully understands the security industry and the requirements of the installer base. Tom Filce, Director of Sales for Security commented, “We are delighted to have Sarah join the team, she has an excellent reputation in the industry, and she has a great energy and enthusiasm which I know will fit right in with the Mayflex team and with our customers in the North West of the country.” Filce continued, “Sarah will be up and running in no time at all as she already has a strong knowledge of Hikvision, Axis and Paxton and she will undergo training to bring her up to speed on Avigilon and Suprema as well as the other brands in the portfolio.” Sarah commented, “I’m really excited to join Mayflex, I’ve competed against them for many years so it’s great to now be part of the team and see it from the other side. It’s early days, but so far I’ve been really impressed by the professionalism and friendliness of the Mayflex team and I’m looking forward to getting out and meeting my customers and working with them to build long-lasting relationships to mutually grow our businesses.” n www.networkseuropemagazine.com MOVERS AND SHAKERS www.networkseuropemagazine.com 68Glide Group Appoints Chris Bates as Chief Financial Officer Glide Group has announced the appointment of Chris Bates as the organisation’s Chief Financial Officer (CFO). Chris Bates joins Glide having previously worked in Private Equity owned businesses covering technology, engineering, contracting and construction and service sectors. With over 35 years of experience in finance, Bates has spent the last decade within CFO roles for organisations such as VPS Holdings, Survitec Group, Hydro International and Supplier Assessment Services. This announcement marks the continued strengthening of Glide's senior management team. Earlier this year, Glide also added two other members to its leadership team, Chief Technology Officer, Sean Lowry, and Chief Operating Officer, Phil Duggan. These announcements were soon followed by Glide Group’s acquisition of fibre network builder, Concept Solutions People (CSP). Now, continuing the organisation’s 2021 momentum, Bates will be responsible for managing Glide’s financial portfolio and future planning as it continues to grow. “It has been a very exciting and fast-paced year for Glide as it further strengthens its services and adapts to the increased demand for ultra-fast connectivity that has developed as a result of the Covid-19 pandemic,” said Bates. “I’m looking forward to seeing Glide continue to evolve and mature during this period of growth, creating an infrastructure based business delivering excellent networks.” Tim Pilcher, CEO of Glide Group, said: “Chris’ experience speaks for itself and we are really pleased to be able to welcome him into the organisation. It has been a pivotal year for Glide and following a strong first half to 2021, we are keen to continue with the same upward trajectory. Chris will play a significant role in helping us navigate the future and ensure that we can proceed with development at an exciting time in the coming months. n STL appoints Paul Atkinson as CEO for Optical Networking business STL has announced the appointment of Paul Atkinson as the Chief Executive Officer for its Optical Networking Business. Paul’s appointment is in line with the widened portfolio and the increased global reach of STL’s Optical business. Before STL, Paul Atkinson was the Managing Director and Group CEO at IXOM, Australia. Prior to IXOM, Paul was associated with Prysmian Group for over 20 years as the CEO of affiliates and regions across the world. During this stint, he led multiple successful business integrations and was pivotal in delivering non-linear growth across geographies and business lines. Before Prysmian Group, he held senior roles in commercial, finance and operations in the consumer goods and healthcare sectors. Paul takes over this responsibility from Ankit Agarwal, who has played a crucial role in STL's global expansion in the Optical business. Ankit widened the portfolio with the acquisition of Optotec & Metallurgica Bresciana and increased STL’s scale and presence in Italy, UK, the US, Brazil and China. As a Whole-Time Director on the board, Ankit will now focus on driving the strategy and growth across STL. Welcoming Paul, Agarwal said: “Leading the Optical business has been an incredible journey during which we became global and achieved many firsts. With STL accelerating its efforts in optical innovation, I welcome Paul who with his deep, global expertise will take the business to greater heights. As we look forward to a decade of network creation, I am excited about expanding my focus to drive STL's ambitious growth plans with disruptive strategies.” “Digital networks are key to the 4th industrial revolution, where optical technologies are taking centre stage. With over 25 years of expertise, STL is expanding its scope and scaling globally. STL has the right expertise and ambition to service network creators across the globe. I am very excited to lead the Optical Networking business, which will shape the future digital landscape,” said Paul Atkinson. Commenting on this development, Dr Anand Agarwal, Group CEO, STL, said: “Optical connectivity and networks have always been our core and with Ankit at the helm, we have passionately put this business on the global map. I look forward to partnering with Ankit in the strategic growth of the company. ” n Siemon appoints global data centre and fibre specialists Siemon has announced the expansion of its data centre and fibre expertise with the addition of two experts that together bring 50 years of industry experience to the company. Gary Bernstein, RCDD, CDCD, has joined Siemon as their Global Data Centre Solutions Specialist to lead the company’s global data centre sales strategic initiatives, create and deliver seminars and training, support Siemon’s global sales team and foster strong relationships with data centre customers and ecosystem partners. Gary comes to Siemon with more than 25 years of industry experience and extensive knowledge in data centre infrastructure, telecommunications, and copper and fibre structured cabling systems. He serves as a member on various TIA and IEEE standards bodies, including IEEE 802.3 200/400 Gigabit and Beyond 400 Gigabit task forces. Tony Walker, CM&AA, has joined Siemon as Global Fibre Product Marketing Manager to enhance Siemon’s fibre optic product offering and support customer needs via product planning, development and lifecycle management efforts based on analysis of industry, market and application trends. Tony comes to Siemon with 25 years of industry experience in business development and go-to-market strategy for data centre, network services and enterprise telecommunication solutions, having applied dynamic and innovative approaches to successfully expand revenue streams and capabilities for a variety of leading technology companies. “As data centres continue to grow and evolve as the foundation for today’s digital world, we are excited to build upon Siemon’s industry leadership, expert technical support and trusted quality and performance by welcoming these knowledgeable professionals to our family,” says Henry Siemon, President, and CEO. n Gary Bernstein Tony Walker MOVERS AND SHAKERS www.networkseuropemagazine.comwww.networkseuropemagazine.com 69 For your movers and shakers, contact: editor@networkseuropemagazine.comNext >