Cyber-attacks are rising on a year-by-year basis, with a growing focus on the application layer. There are numerous organisations that seem to have deployed duplicated software assets, which means they do not necessarily get patched. Essentially, they are just waiting in the wings for some passing attacker to find and exploit their vulnerabilities at the expense of the enterprise.
The problem thus far has been that as we have progressed though the age of computerisation, we have developed a hunger for software assets and upgrades, a hunger which has on multiples of occasions gotten out of hand, allowing big-name companies to reap in the wealth, whereas commercial organisations, public institutions, and schools alike can’t necessarily afford these types of products. This wealth needs to be rebalanced.
Fortunately, I recently stumbled across a free of cost service that is “guaranteed” to enhance application security by removing unwanted assets. Subsequently, it also has the potential to transfer considerable funds back to the organisation.
Optimise Direct is a Software Licensing Forensics and Recovery Service (@Optimise_Direct – www.optimisedirect.com) that assists organisations on a no-find-no-fee basis in finding and eliminating excesive and/or duplicated software licenses. But it does not stop there. Optimise Direct also works with the end client to assure that as they move forward, they manage their assets according only to what they need and not to what companies might be trying to sell them.
It is not often that we see security and cost savings rolled up into one. But here we have it, and it is something that I feel has potential not only for every SME, Governance Department, local authorities, and commercial entities in the UK, but also beyond. Such is the potential of SaaCS, Security –as-a-Cost Saving.
[su_box title=”About Professor John Walker – FMFSoc FBCS FRSA CITP CISM CRISC ITPC
” style=”noise” box_color=”#336588″]
Visiting Professor at the School of Science and Technology at Nottingham Trent University (NTU), Visiting Professor/Lecturer at the University of Slavonia [to 2015], Independent Consultant, Practicing Expert Witness, ENISA CEI Listed Expert, Editorial Member of the Cyber Security Research Institute (CRSI), Fellow of the British Computer Society (BCS), Fellow of the Royal Society of the Arts (RSA), Board Advisor to the Digital Trust, Writer for SC Magazine UK, Originator of DarkWeb Threat Intelligence, CSIRT, Attack Remediation and Cyber Training Service/Platform, Accreditation Assessor and Academic Practitioner and Accredited Advisor to the Chartered Society of Forensic Sciences in the area of Digital/Cyber Forensics.
Twitter: @SBLTD
John Walker is also our Panel member. To find out more about our panel members visit the biographies page.[/su_box]
John is the Principle at Shadow-Intelligence (Si), partnering with PALISCOPE, BreachAware and iStorage. He is a Visiting Professor at the School of Science and Technology, Nottingham, Trent University (NTU) and holds the appointment of Editor in Chief for the International Journal of Cyber Forensics and Advanced Threat Investigations (CFATI). For the last decade he has delivered training courses in the Middle, and Far East to Commercial, Industrial, the Financial Services Sector, and Military Agencies, including the UAE, US, Pakistan, Saudi Arabia, Malaysia (KL), Singapore, Argentina, and Sao Paulo
He served in the Royal Air Force 22 years’, specialising in Counterintelligence, working with UK Agencies such as GCHQ/CESG, and others in the fields of SIGINT, COMINT and Satellite Communications, holding appointments such as System ITSO for a CIA SCIF.
In the commercials sectors of IT/Cyber he has worked for/with Logica, Bae, T5, GM, Experian, Betfair, Palace of Westminster, House of Lords/Commons, TSol (Treasury Solicitors) and provided Consultancy to the Saudi Arabian MOD, TRA (Telecommunications Authority (Dubai) and the Military Academy of Malaysia (KL) on SOC, CSIRT, Digital Forensics and OSINT. Within the last 5 years he has focused on Geopolitics, with global expertise around the UAE and Russia, Anti-Terrorist Operations (ATO), Cyber-Warfare, Dezinformatsiya (Disinformation) and Maskirovka (Military Deception).
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.
