Last month, many of the world’s leaders gathered for COP27 to discuss climate change, lowering energy consumption and greenhouse gas emissions. With reports suggesting the earth has only 27-years left before it runs out of food, and that 1.7 planets are needed for man’s increasing consumption and waste, it got me thinking about cybersecurity and sustainability. How can IT decision makers and cybersecurity leaders be less wasteful and more impactful in terms of our planet? How can costs be minimised and production maximised? And what investments of time, money, and focus are needed when considering tomorrow’s world?
The answers come from interrogating sustainability, and how its three main pillars of economic, social, and environmental (commonly referred to as people, profits, and planet) map onto cybersecurity’s pillars of people, process, and technology. So, let’s look at them.
People and Sustainability.
Companies who care about sustainability invest in people. They understand that people are its front line, and that’s why their leaders work hard to ensure the people they are working with are considered, supported, and not disadvantaged. So, when it comes to cybersecurity and sustainability, here’s how their leaders can make a difference.
By building their workforce equal, diverse, and inclusive. Good leaders know that decisions are of a higher quality and productivity, innovation, and profitability rise when this transpires. That’s why they strategically hire using ways that rapidly foster diverse talent acquisition as well as lowering overheads. They don’t assume that good recruitment is sufficient for performance and business growth either. They know that if they are to succeed in building an optimal sustainable team – people who stay with them beyond the average 4-year tenure, then they must upskill and support their employees at every stage of their career journey.
Good leaders recognise the returns that come from employee experience (EX) and how technology plays such a crucial part. With hybrid and remote workforces to manage, they know employees must be able to collaborate in the office and outside of it, and their experience must be as levelling and as inclusive as possible.
If someone is housebound, works part-time, or is caring for a family member (child, parent spouse), then technology can open up opportunities and enable them to expand their workforce and work in different ways. Let’s take the PC, as an example. As a PC is at the heart of an employee’s work, performance (in terms of video, audio, and connectivity), and stability are essential. Old PCs that are slow or constantly need to reboot aren’t just wasteful of energy and bad for the planet (consuming twice as much energy as a modern PC), they can be detrimental to employee health and well-being, increasing social risk.
Sarah Wieskus, Global Commercial Sales Lead at Intel spoke about the benefits of their Intel vPro, Built for Business PC platform when I invited her onto my Women in Cybersecurity Podcast, which will be coming to you in the next few days.
Sustainability and process
To achieve cybersecurity and sustainability means adopting secure practices throughout a company. It means having processes in place that support the flow of work, knowing who does what, and sharing information regularly between teams and departments. That way cybersecurity awareness increases, information is understood, accessible, and adhered to.
It means including integral stakeholders like internal audit and cybersecurity right from the start of a new project, from the requirement stage, all the way through to the design, implementation, verification, support, maintenance, and ‘end-of-life’ stages. When representatives from these teams are involved in the secure development lifecycle (SDLC), from inception, threats and vulnerabilities can be better identified, and appropriate controls selected before any money is spent. The business gains as it can more adequately protect the integrity of its assets, and free itself from unnecessary and unexpected cost and risk surprises later. In fact, it can eliminate 50% of software bugs, and lower security management and incident response costs by 75%.
It means weaving sustainability into its procurement process. Vendors and suppliers who are committed to sustainability and its cousin ESG should be picked over those who aren’t. For example, those who: design green or energy efficient technology, use renewable energy, have low carbon footprints, recycle (paper, servers, desktops, laptops, smartphones, and other tech equipment), purchase PCs and devices that are rated, certified or audited for energy efficiencies and sustainable practices by groups like TCO Certified or Energy Star, support the right to repair, invest in employee well-being and diversity initiatives, plus schemes like Cyber Essentials (available in the UK) or the ISO 27001 standard which demonstrate they prioritise data security (to their customers and supply chain partners) and follow best practice standards.
Sustainability and technology
When a company invests in technology it’s because it wants to better perform, collaborate, innovate, and add value. It wants to move faster, more intelligently, and more cheaply. These aspirational outcomes can be great for cybersecurity and sustainability.
With considered buying, huge cost savings, greater productivity, and protection can be realised by simplifying technologies, moving to the cloud and re-architecting environments. For example, replacing legacy systems which often require more power and cooling, inefficient ageing infrastructure, costly private networks, slow backhauls through data centres, and single point solution products that only solve one problem and don’t integrate well, if at all, with other technologies.
And because costs have come down from managed security service suppliers who have scaled, companies no longer need to build and manage their own in-house secure operation centres (SOCs). Now, they can outsource to companies that can provide superior security management, and threat detection and response times using AI, machine learning and other automated technologies, thereby lowering their infrastructure expenditure, alleviating internal security team pressures, hiring challenges, and of course reducing their ecological impact.
And as these new technologies enable employees to work safely from anywhere, at any time, and on a range of devices, IT decision makers and cybersecurity leaders can gain many sustainability wins. Let’s look at some.
Managing PCs beyond the firewall. Considering the distributed workforce, technology offers many sustainability and cybersecurity benefits. For example, it can enable a company to attract and retain diverse talent more easily, increase productivity, and with less office space needed, it can lower its ecological footprint significantly. However, when it comes to technically supporting a distributed workforce and managing PCs beyond the firewall, IT and cybersecurity leaders have encountered problems. But now, thanks to technology like the Intel vPro platform, IT administrators can remotely manage PCs across most sites, whether on premise or via the cloud. No matter where a PC is located, it can automatically contact the management console for scheduled software updates, maintenance, patches, and backups. It can also automatically isolate itself from the network when unusual activity is detected, and it can call for help when its user has a problem.
Reducing IT dispatches and PC shipments. When PCs can’t be fixed remotely, technicians (and vehicles) are often dispatched, or PCs have to be shipped somewhere for repairs. This increases costs, vehicle emissions and impacts the environment. But when IT decision makers invest in technologies that offer hardware-enhanced PC management, like the vPro platform, they can speed up PC issues, even when operating systems fail or are wiped. Since IT admins can log in remotely to diagnose and repair, and PCs no longer need to be transported for repairs, carbon emissions can be eliminated, employee downtime reduced, and efficiencies maximised.
Power management. According to reports, electricity prices are surging globally and could spark another 3-years of market volatility, so it’s crucial electricity consumption is efficiently managed – and not purely on account of the financial savings.
The earth is warming up despite climate action commitments under the 2015 Paris Agreement. As generating electricity and heat by burning fossil fuels (coal, oil, or gas) is said to be the root cause of climate change – and also fundamental to the solution, it’s important IT and security leaders do more.
If PCs and monitors in all offices were set to “sleep mode” or switched off when not in use, the amount of electricity and greenhouse gas emissions that could be saved would be considerable. For example, one report said that if this happened in the US, the country would save about 44 billion kWh of electricity (around $4 billion), and greenhouse gas emissions equivalent to around 5 million cars.
Thankfully, despite technology’s appetite for power, it’s now entirely possible to reduce power without affecting employee productivity and worrying cybersecurity leaders over security issues. When technology such as the Intel vPro platform is used, new hardware-enabled management capabilities can enable remote PCs that are asleep or powered off to be securely and reliably woken up for patching, software updates, and maintenance.
To sum up, climate change is the world’s greatest challenge. The World Economic Forum’ ranks it as the #1 Global Risk. The world desperately needs IT decision makers and cybersecurity leaders to take sustainability seriously and act responsibly. The good news is, there are many proactive actions IT and cybersecurity leaders can take that include people, process, and technology. With trusted partners like Intel and technologies like the vPro platform, IT and security leaders can rest assured that they are in safe hands. Intel’s products form the root of trust for protecting customer data, and with the Intel vPro platform it’s certain to help any company with security, performance, and continuity, no matter their size.
Now, I want to hear from you…
Tell me, how are you taking the stress out of securing your workforce? What else needs to be done? Then head over to Intel to learn more about the Intel vPro platform and how you can ensure the security of your workplace.
Finally, in the spirit of full disclosure, please be aware that I’ve received compensation for promoting this #ad for Intel Because your success is important to me, I only align myself with brands I believe in, and Intel is one of them.