Paul German

Chief Information Security Officers (CISOs) are being encouraged to build a Secure Access Service Edge (SASE) migration plan to create a robust Zero Trust architecture, while also consolidating the security vendor suite. Yet, while the concept of single vendor SASE solutions may appear to meet goals for rationalising security costs and complexity, it creates untenable risks for any organisation operating in a high assurance industry. Paul German, CEO, Certes Networks, explains why a best of breed SASE framework from a single Managed Service Provider is key to de-risking SASE for high assurance companies. Trusted Framework Secure Access Service Edge (SASE)…

The UK Treasury is becoming increasingly frustrated by the billions of pounds wasted by government departments on legacy technology and proprietary infrastructure. With Digital Transformation now imperative, there is little patience for the endemic delays in decision making that are adding untenable costs to a government that simply has no more resources. Why are departments still spending £millions every month on expensive proprietary connectivity when the tried, tested and proven Software Defined Wide Area Network (SD-WAN) alternative costs just a fraction? How can departments justify the use of outdated legacy systems that demand huge expenditure just to keep up and…

The prohibitive cost of WAN technology has become a major concern for businesses and governments and driven the explosion in adoption of Software-Defined Wide Area Networks (SD-WAN) in recent years. Yet a gap is beginning to emerge between those businesses able to explore the flexibility and low cost offered by SD-WAN and those, typically regulated, organisations that have serious concerns about data security. Without access to the agility, flexibility and support for cloud based transformation provided by SD-WAN, these organisations will struggle to keep pace with the innovations enjoyed by 80% of the market. Yet if SD-WAN cannot support the…

It is now inevitable that the encryption algorithms used to secure vital data across the world – from defence and banking to infrastructure and air travel – will be breached. With the escalation in computing power enabled by quantum technology, the question is not if, but when potentially devastating breaches will occur. With ‘harvest now, decrypt later’ hacking strategies currently in progress, criminals are banking on the power of quantum computing to allow them to unlock huge data resources. The onus is on companies not just to consider the future quantum threat but to determine how best to protect current…

The US National Institute of Standards and Technology’s (NIST) recent Special Publication (SP 800-207) has changed the table stakes when it comes to cybersecurity best practice. While not mandatory, the federal agency’s role in enhancing economic security cannot be under-estimated. As such, its guidance on refining the concept of Zero Trust and its high-level roadmap on how organisations can implement a standardised approach to a Zero Trust Architecture can also not be ignored. Paul German, CEO, Certes Networks, outlines why adopting a Zero Trust mindset to data and cyber security is now an operational necessity, and explores the essential components…

How do organisations know their data is secure? And how can companies ensure that a network breach won’t result in a loss of sensitive data? The consequences of a data breach are potentially disastrous for any organisation, so companies need to be reassured that their data is secure at all times in line with any internal and external compliance needs – and that they have the tools and visibility to prove this, should a network breach occur. With 78% of IT security leaders lacking confidence in their company’s cybersecurity posture, now is the time for organisations to focus on applying…

Why is it that the security industry talks about network security, but data breaches? It’s clear that something needs to change, and according to Paul German, CEO, Certes Networks, the change is simple. For too long now, organisations have been focusing on protecting their network, when in fact they should have been protecting their data. Paul outlines three reasons why the security industry has been protecting the wrong thing and what they can do to secure their data as we move into 2021. Reason one: They’re called data breaches, not network breaches, for a reason Looking back on some of…

The role of a CISO is undoubtedly changing. Not only does the role now require more responsibility than ever, but the heightened risks associated with the role has put it firmly in the spotlight of both the company Board and the industry as a whole. And, when it comes to a data breach, the simple fact is that someone will always have to accept responsibility – whether it’s the CISO, CIO or CEO. The huge amount of data breaches that can now be recalled show that cybersecurity failures can be fatal; a major data breach will ruin not only an…

It is no surprise that hackers will always target high value, critical data, so amongst some of the most targeted industries is healthcare; the highly sensitive patient data stored in this industry creates a playground ready for waiting hackers to exploit. In the past five years alone, healthcare breaches have grown in both frequency and size, with the largest impacting as many as 80 million people. Last year, the NHS suffered significant disruption from WannaCry, which bought the vulnerability of the healthcare sector into sharp focus. This attack contributed to 1,300 hours’ of downtime over the last three years, but the problems…

Simplicity is becoming a major selling point – especially when it comes to IT security. As organisations wake up to the huge additional requirements associated with the new General Data Protection Regulation (GDPR) that comes into force in 2018, any solution that can minimise complexity is compelling. The use of Software Defined Networking to deliver a raft of essential security functions, from firewalls to intrusion detection, via a Virtual Network Function (VNF) model is testament to the growing recognition of the value of an out-sourced, yet on-premise, solution. However, the majority of these White Box services from Managed Service Providers…