Page 11 - 2016
P. 11
was becoming increasingly affordable and the enterprise advisory firm. �IT complexity is so bad that even in new
IT �strategy� of just-add-more-hardware began. While we datacenters, after just a few months, CIOs don�t know what
were making InfoSec more comprehensive by introducing (applications) they have outside of the perimeter.�
correlation (i.e. more complex), we were also expanding
our datacenters� hardware footprints creating more Garbani adds: �You wouldn�t drive your car without a
datacenter to manage (i.e. more complex). speedometer or other dashboard dial. This is what IT
managers are dealing with in the datacenter. They have
What if we built cars the way we built IT infrastructures� little visibility in where applications are, so that when there
In an IT world wrought with complexity, it�s easy to be is a breach, they are unable to quickly plug the hole and
tactical. The graph in Figure 1 shows non-farm payroll stop the data exfiltration.�
employment since the recession of 2009.
In an attempt to improve visibility to enterprise IT
The inversed bell curve represents a gouged out base of infrastructures supporting system-wide application
human resources that, in the IT sector has neither been delivery, CIOs have been turning to configuration
rehired nor seen much increase in wages over the past management databases or CMDBs, as a means to visually
six-plus years. What we are left with is a heavy dose of map applications and the dependencies of applications to
do-more-with-less in IT and other resource functions of hardware. The problem once again is IT complexity,
the non-farm economy. compounded by the difficulty in monitoring thousands of
mobile devices, some corporate-owned some BYOD,
�Everything in IT management is reactive and tactical,� outside of the network perimeter and the added
says Jean-Pierre Garbani, vice president and principal �dependency� of tens of thousands of human resources
analyst at Forrester Research, a global research and accessing network data stores from those devices. In a Band
CYBER DEFENSE MAGAZINE - ANNUAL EDITION 11
