Case Studies Of Typical Holistic Technologies
CASE STUDIES OF TYPICAL HOLISTIC TECHNOLOGIES – Life Technologies – Dedicated to Accelerating a Sustainable Future.
Life Technologies is a company working on new frontiers in biotechnology, pursuing solutions that will ultimately lead to a more sustainable world. Their products are used to address fundamental challenges, like how we will feed and power the world.
[br]
Their story is striking on a number of levels. Through its Global Citizenship approach, the company has generated an impressive commitment to integrating sustainability principles, not only as a part of the company’s stewardship of community, people, science, and ethics but also as a compelling business strategy, with a strong focus on quantifiable benefits.
[br]
There are a number of interesting angles we can learn from Life Technologies. At the strategic level, the company has developed a four-phase Evolution Model, through which its sustainability program has emerged, a model that we explore in depth in our detailed case study. Additionally, the company has produced an internal playbook that provides a road map for integrating sustainability principles and is used by each of Life Technologies ‘ sites around the world.
[br]
This structured approach has delivered an impressive range of eco-efficiency achievements. Between 2004 and 2008 Life Technologies delivered a 36 % reduction in carbon emissions, energy savings of 32 %, waste recycling at 23 %, and millions of dollars in operational cost savings.
[br]
A Holistic Approach to Cyber Security: Protect Your Reputation and Your Bottom Line
[br]
ISACA defines cyber security as ” the actions related to protecting information assets by addressing threats to information processed, stored, and transported by information systems that are, internetworked. ” To effectively address cyber security, an organization’s approach must be holistic. Technology alone is not the solution. Instead, a number of elements must be considered, including people and processes.
[br]
” If a cyber security program isn’t holistic – for example if it deals only with technology and does not address elements like organization, culture, or the human factor – one should not be too optimistic about the effectiveness of the program, ” says Dr. Christos Dimitriadis, head of information security for INTRALOT Group. Using a governance framework like COBIT, organizations can systemically and holistically transform their cyber security strategies.
[br]
A Governance Focus:
[br]
Cybersecurity governance is both preventive and corrective. It covers the preparations and precautions taken against cybercrime and cyber warfare, and it determines the processes and procedures needed to deal with incidents that occur.
[br]
In Transforming Cyber security Using COBIT 5, ISACA recommends starting with these eight principles:
[br]
- Know the potential impact of cybercrime and cyber warfare. The concept of cyber security should be seen in the light of potential damage and the wide-ranging impacts of cybercrime and cyber warfare. To adequately manage cyber security, the tolerable levels of risk and business impact must be known or carefully estimated. This includes in-depth knowledge about the ways in which end users may be targeted and affected by cyber security attacks and incidents.
- Understand end users, their cultural values, and their behavior patterns. As the ISACA guide notes, ” Business impact and business risk relating to cyber security arrangements are strongly influenced by organizational and individual culture. ” The culture and the resulting end-user behaviors and patterns should be accounted for in the enterprise’s strategic, tactical, and operational security measures.
- Clearly state the business case for cyber security and the risk appetite of the enterprise. The business case outlining the expected value and tolerable risk will drive the overall cyber security strategy. As a result, the business case must have depth and definition. Among its contents, it must include cost-benefit considerations and the organization’s culture and values pertaining to cyber security.
- Establish cyber security governance. There’s no need to reinvent the wheel here. Adopting and customizing a governance framework, such as COBIT, will give you the tried, tested, and proven governance guidance you need. By effectively governing cyber security, an organization provides a clear sense of direction and boundaries.
- Manage cyber security using principles and enablers. The principles and enablers found in COBITS will help your organization ensure end-to-end governance that meets stakeholder needs covers the enterprise and provides a holistic approach, among other benefits. The processes control activities, and key performance indicators associated with each enabler will provide the enterprise with a comprehensive picture of cyber security.
- Know the cyber security assurance universe and objectives. Cybersecurity covers multiple areas and aspects of information security. To provide adequate assurance over cyber security the cyber security universe must be well defined, and the assurance objectives must be clear and manageable.
- Provide reasonable assurance over cyber security. This principle requires all three lines of defense within an enterprise to be defined and managed. This includes monitoring, internal reviews, audits, and, as needed, investigative and forensic analysis.
- Establish and evolve systemic cyber security. Cyber attacks target the weakest link in the system. As a result, cyber security must be looked at as a system of interdependent elements and the links between them. To optimize cyber security, the enterprise must have a complete understanding of this dynamic system and must be fully aware that security governance, management, and assurance cannot be viewed in isolation.
[br]
Also, read