easy-accordion-free domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/mother99/jacksonholdingcompany.com/wp-includes/functions.php on line 6114zoho-flow domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/mother99/jacksonholdingcompany.com/wp-includes/functions.php on line 6114wordpress-seo domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/mother99/jacksonholdingcompany.com/wp-includes/functions.php on line 6114The first rule of interviewing a CISO at the Australian division of Laing O\u2019Rourke is this: You can\u2019t dig deep into use cases or cli\u2026 Read more on Cisco Blogs<\/a><\/p>\n \u200b[[{“value”:”<\/p>\n The first rule of interviewing a CISO at the Australian division of Laing O\u2019Rourke is this: You can\u2019t dig deep into use cases or clients.<\/p>\n And this makes perfect sense, because when you\u2019re responsible for securing critical infrastructure for an AUD $6 billion global construction and engineering firm, with projects ranging from transport to defense, even scant details can lead to cyberattacks.<\/p>\n Despite the high stakes, Laing O\u2019Rourke\u2019s security challenges are distinctly universal \u2013 especially post-2020, where the world saw a massive boost in the sophistication and number of DDoS, VPN, and other web-related attacks. And like peer companies, the company needed to set a firm foundation to block internet-based attacks on distributed infrastructure.<\/p>\n But here\u2019s where things are different. Thanks to business requirements, Laing O\u2019Rourke\u2019s network environment is complex. The company often works on what James Fields, Group Deputy CISO for Laing O\u2019Rourke, calls \u201cmega projects,\u201d joint ventures (JVs) with other companies that are \u2013 to put it plainly \u2013 competitors.<\/p>\n \u201cBeing a construction business, physical security is a real challenge out on project sites. Often, for some of our larger-scale projects, we find ourselves in collaborative partnerships with our rivals,’\u201d Fields commented. \u201cAt one moment, they\u2019re our partners in a project, and in the next, they could be our competitors for fresh contracts. By engaging in these joint ventures, we\u2019re effectively inviting our competition into our network.\u201d<\/p>\n So, it is imperative that Laing O\u2019Rourke delivers secure network access to staff, clients and JV partners in a hot-desking environment AND satisfy clients demanding adherence to different frameworks and certification. The company must also prevent threat actors \u2014 as well as anyone who could benefit competitively, financially, or in any other way \u2013 \u2013 from accessing or exfiltrating information from the network.<\/p>\n And they did it this by adding two different Cisco solutions to the stack: Cisco Secure Firewall and Cisco Identity Services Engine (ISE).<\/p>\n Getting backing from leadership to invest in the best traffic and threat management tools can seem impossible for many teams. Thankfully, Fields has enthusiastic backing from the board.<\/p>\n \u201cMy team and I are truly passionate about cybersecurity, and we have the board\u2019s support not just for compliance\u2019s sake (not just performing a tick box exercise), but also for establishing the best practices and instilling a cyber-centric mindset throughout the business.\u201d<\/p>\n But that doesn\u2019t mean it\u2019s been easy building that framework.<\/p>\n As a snapshot, before Cisco ISE, Fields says, \u201cOur joint venture partners and clients had a potential risk of unintentionally (or deliberately) accessing our corporate network due to shared office space. This prevented business agility, necessitating fixed desks. Consequently, IT had to frequently reconfigure ports on project sites as staff assignments changed based on project phases or collaboration needs.\u201d<\/p>\n Developing those pre-designed workspaces based on whether the user was from Laing O\u2019Rourke, or a JV took precious time and energy that could have been used elsewhere. The Laing O\u2019Rourke team needed intelligent automation to streamline the process.<\/p>\n Laing O\u2019Rourke already had multiple firewalls in place, but it needed a Cisco Secure Firewall to help the company control network access, prevent intrusions and exfiltration, filter URLs, and conduct deep packet inspection. Meanwhile, Cisco ISE would help wrangle all those joint venture devices.<\/p>\n Since the Laing O\u2019Rourke team was already using Cisco switches and was familiar with how Cisco solutions work, it made the choice to add more Cisco to the stack all that much easier.<\/p>\n \u201cWe, like most enterprises, use Cisco switches at our core and at the edge. So it made sense to talk to Cisco about how they could help us protect our network.\u201d<\/p>\n Laing O\u2019Rourke needed physical security that could accommodate hybrid staff members and contractors through hot-desking (multiple workers using a single physical workstation) and achieving seamless connectivity and network management was crucial.<\/p>\n To address this, Laing O\u2019Rourke turned to Cisco Secure Firewall, allowing the company to achieve and maintain the confidentiality, integrity, and availability \u2014 the coveted CIA triad \u2014 of data. By effectively controlling network access and preventing unauthorized data changes, Cisco Secure Firewall played a pivotal role in safeguarding Laing O\u2019Rourke\u2019s network infrastructure.<\/p>\n Key stakeholders, including Fields, emphasized the importance of Cisco\u2019s wide-ranging threat intelligence. These updates ensured that the firewalls remain current with the latest threat and vulnerability signatures, reinforcing the strength and effectiveness of Laing O\u2019Rourke\u2019s security measures.<\/p>\n By partnering with Cisco, Laing O\u2019Rourke has enhanced its ability to identify and mitigate a wide range of threats by using advanced features of Cisco Secure Firewall, including intrusion prevention, URL filtering, and deep packet inspection capabilities.<\/p>\n The team also used Firewall Management Center (FMC) dashboards to manage firewalls using a single pane of glass, which was ultra-convenient when they needed insights on intrusion events, potential threats, and geolocation. Thanks to the proactive security measures implemented through Cisco\u2019s Secure Firewall solution, Laing O\u2019Rourke has experienced a considerable decrease in web-related vulnerability attacks.<\/p>\n Once the Cisco Firewall was in place for Laing O\u2019Rourke, it was ready to do what it\u2019s known for: helping prevent DDOS, malware, VPN, and many other attacks.<\/p>\n \u201cWhen it comes to firewalling, we take a dual vendor approach. Around five years ago we went out to market to replace our [competitor] firewalls. Given our positive experience with Cisco\u2019s networking equipment, Cisco FTD\u2019s were on our shopping list,\u201d Fields said. \u201cWe still take a dual vendor approach and Cisco is still helping secure our edge.\u201d<\/p>\n Cisco Secure Firewall has proven itself a formidable force to manage traffic and block threats, with automatic updates and frequent attack intel as a sweetener. But ISE has been a revelation for Laing O\u2019Rourke, giving the team a firm, confident hand when managing IP phones, tablets, and laptops \u2013 all used to conduct business.<\/p>\n \u201cISE was a real game changer for us. It has transformed the way we operate on project sites, negating the need for predefined workspaces based on if the user was a Laing O\u2019Rourke staff member, JV partner, client, or guest, while simultaneously increasing protection of our corporate network\u201d.<\/p>\n With ISE, ports can be configured to dynamically reconfigure a port based on security posture and device ownership, permitting access to the right network segments at the right time. This includes access to the company\u2019s corporate wireless (and wired) networks, guest Wi-Fi, and BYOD \u2013 including operational technology (OT) networks.<\/p>\n \u201cWhile ISE takes a bit of effort to set up right, once it up and running, it\u2019s a very stable platform, easy to configure and integrates well with other security platforms like Firewall Threat Defense (FTD) and mobile device management (MDM) solutions,\u201d Fields said.<\/p>\n If he had to name three things that make Cisco ISE a solid solution for Laing O\u2019Rourke, Fields spoke of dynamic profiling that detects device type and applies the right policy, the MDM integration and compliance check that makes sure devices are up-to-date, and anomalous behaviour detection.<\/p>\n According to Fields, many years ago, a pen-tester discovered a technical gap that absolutely needed to be closed. So now when an IP phone starts to communicate as Windows traffic, for instance, ISE catches it with behavioural detection.<\/p>\n \u201cWith the lack of physical security on our project sites, along with actively inviting our competitors onto our network, seems like a disaster waiting to happen,\u201d he said. \u201cCisco ISE has proven to be an invaluable solution for segregating access between our employees and our clients and partners, protecting us from threat actors and rogue network devices.\u201d<\/p>\n Many network and security pros understand how painful it can be to secure a network \u2013 especially one that\u2019s distributed. But with a Cisco Secure Firewall in play and ISE to manage BYODs, Laing O\u2019Rourke\u2019s networking team has already seen a difference.<\/p>\n To start, those Monday morning calls about desk moves and disrupted network access are no more. Laing O\u2019Rourke is saving minutes, hours, and days, while simultaneously bolstering network security:\u00a0 something that notoriously\u2026takes time.<\/p>\n The user experience has improved, and the team has more time to focus on threats. Though Laing O\u2019Rourke uses a dual vendor approach, Cisco is the go-to for this critical, global company, with ROI already evident once the company\u2019s other firewalls were replaced with Cisco Firewalls.<\/p>\n \u201cThe [competitor] firewalls were significantly more expensive and offered no additional functionality. The replacement [Cisco] actually saved us money,\u201d Fields said. \u201cWhat I can say is one of the few things that doesn\u2019t <\/em>keep me up at night is our network uptime or network-based security \u2014 thanks to Cisco Firewall Threat Defense (FTD) and Cisco ISE.\u201d<\/p>\n Check out Cisco Secure Firewall<\/a> and (ISE) Identify Services Engine<\/a> \u2014 solutions Laing O\u2019Rourke utilized to protect their network and people. Learn more about how Cisco has helped other customers achieve Security Resilience.<\/a><\/p>\n We\u2019d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Security on social!<\/em><\/p>\n Cisco Security Social Channels<\/strong><\/p>\n Instagram<\/a><\/strong>Facebook<\/a><\/strong>Twitter<\/a><\/strong>LinkedIn<\/a><\/strong><\/p>\n “}]]\u00a0\u00a0Laing O’Rourke used Cisco Secure Firewall and Identity Services Engine to deliver global, secure network access. Here’s how it all happened.\u00a0\u00a0Read More<\/a>\u00a0Cisco Blogs\u00a0<\/p>","protected":false},"excerpt":{"rendered":" <\/p>\n The first rule of interviewing a CISO at the Australian division of Laing O\u2019Rourke is this: You can\u2019t dig deep into use cases or cli\u2026 Read more on Cisco Blogs<\/a><\/p>\n \u200b[[{“value”:”<\/p>\n The first rule of interviewing a CISO at the Australian division of Laing O\u2019Rourke is this: You can\u2019t dig deep into use cases or clients.<\/p>\n And this makes perfect sense, because when you\u2019re responsible for securing critical infrastructure for an AUD $6 billion global construction and engineering firm, with projects ranging from transport to defense, even scant details can lead to cyberattacks.<\/p>\n Despite the high stakes, Laing O\u2019Rourke\u2019s security challenges are distinctly universal \u2013 especially post-2020, where the world saw a massive boost in the sophistication and number of DDoS, VPN, and other web-related attacks. And like peer companies, the company needed to set a firm foundation to block internet-based attacks on distributed infrastructure.<\/p>\n But here\u2019s where things are different. Thanks to business requirements, Laing O\u2019Rourke\u2019s network environment is complex. The company often works on what James Fields, Group Deputy CISO for Laing O\u2019Rourke, calls \u201cmega projects,\u201d joint ventures (JVs) with other companies that are \u2013 to put it plainly \u2013 competitors.<\/p>\n \u201cBeing a construction business, physical security is a real challenge out on project sites. Often, for some of our larger-scale projects, we find ourselves in collaborative partnerships with our rivals,’\u201d Fields commented. \u201cAt one moment, they\u2019re our partners in a project, and in the next, they could be our competitors for fresh contracts. By engaging in these joint ventures, we\u2019re effectively inviting our competition into our network.\u201d<\/p>\n So, it is imperative that Laing O\u2019Rourke delivers secure network access to staff, clients and JV partners in a hot-desking environment AND satisfy clients demanding adherence to different frameworks and certification. The company must also prevent threat actors \u2014 as well as anyone who could benefit competitively, financially, or in any other way \u2013 \u2013 from accessing or exfiltrating information from the network.<\/p>\n And they did it this by adding two different Cisco solutions to the stack: Cisco Secure Firewall and Cisco Identity Services Engine (ISE).<\/p>\n Getting backing from leadership to invest in the best traffic and threat management tools can seem impossible for many teams. Thankfully, Fields has enthusiastic backing from the board.<\/p>\n \u201cMy team and I are truly passionate about cybersecurity, and we have the board\u2019s support not just for compliance\u2019s sake (not just performing a tick box exercise), but also for establishing the best practices and instilling a cyber-centric mindset throughout the business.\u201d<\/p>\n But that doesn\u2019t mean it\u2019s been easy building that framework.<\/p>\n As a snapshot, before Cisco ISE, Fields says, \u201cOur joint venture partners and clients had a potential risk of unintentionally (or deliberately) accessing our corporate network due to shared office space. This prevented business agility, necessitating fixed desks. Consequently, IT had to frequently reconfigure ports on project sites as staff assignments changed based on project phases or collaboration needs.\u201d<\/p>\n Developing those pre-designed workspaces based on whether the user was from Laing O\u2019Rourke, or a JV took precious time and energy that could have been used elsewhere. The Laing O\u2019Rourke team needed intelligent automation to streamline the process.<\/p>\n Laing O\u2019Rourke already had multiple firewalls in place, but it needed a Cisco Secure Firewall to help the company control network access, prevent intrusions and exfiltration, filter URLs, and conduct deep packet inspection. Meanwhile, Cisco ISE would help wrangle all those joint venture devices.<\/p>\n Since the Laing O\u2019Rourke team was already using Cisco switches and was familiar with how Cisco solutions work, it made the choice to add more Cisco to the stack all that much easier.<\/p>\n \u201cWe, like most enterprises, use Cisco switches at our core and at the edge. So it made sense to talk to Cisco about how they could help us protect our network.\u201d<\/p>\n Laing O\u2019Rourke needed physical security that could accommodate hybrid staff members and contractors through hot-desking (multiple workers using a single physical workstation) and achieving seamless connectivity and network management was crucial.<\/p>\n To address this, Laing O\u2019Rourke turned to Cisco Secure Firewall, allowing the company to achieve and maintain the confidentiality, integrity, and availability \u2014 the coveted CIA triad \u2014 of data. By effectively controlling network access and preventing unauthorized data changes, Cisco Secure Firewall played a pivotal role in safeguarding Laing O\u2019Rourke\u2019s network infrastructure.<\/p>\n Key stakeholders, including Fields, emphasized the importance of Cisco\u2019s wide-ranging threat intelligence. These updates ensured that the firewalls remain current with the latest threat and vulnerability signatures, reinforcing the strength and effectiveness of Laing O\u2019Rourke\u2019s security measures.<\/p>\n By partnering with Cisco, Laing O\u2019Rourke has enhanced its ability to identify and mitigate a wide range of threats by using advanced features of Cisco Secure Firewall, including intrusion prevention, URL filtering, and deep packet inspection capabilities.<\/p>\n The team also used Firewall Management Center (FMC) dashboards to manage firewalls using a single pane of glass, which was ultra-convenient when they needed insights on intrusion events, potential threats, and geolocation. Thanks to the proactive security measures implemented through Cisco\u2019s Secure Firewall solution, Laing O\u2019Rourke has experienced a considerable decrease in web-related vulnerability attacks.<\/p>\n Once the Cisco Firewall was in place for Laing O\u2019Rourke, it was ready to do what it\u2019s known for: helping prevent DDOS, malware, VPN, and many other attacks.<\/p>\n \u201cWhen it comes to firewalling, we take a dual vendor approach. Around five years ago we went out to market to replace our [competitor] firewalls. Given our positive experience with Cisco\u2019s networking equipment, Cisco FTD\u2019s were on our shopping list,\u201d Fields said. \u201cWe still take a dual vendor approach and Cisco is still helping secure our edge.\u201d<\/p>\n Cisco Secure Firewall has proven itself a formidable force to manage traffic and block threats, with automatic updates and frequent attack intel as a sweetener. But ISE has been a revelation for Laing O\u2019Rourke, giving the team a firm, confident hand when managing IP phones, tablets, and laptops \u2013 all used to conduct business.<\/p>\n \u201cISE was a real game changer for us. It has transformed the way we operate on project sites, negating the need for predefined workspaces based on if the user was a Laing O\u2019Rourke staff member, JV partner, client, or guest, while simultaneously increasing protection of our corporate network\u201d.<\/p>\n With ISE, ports can be configured to dynamically reconfigure a port based on security posture and device ownership, permitting access to the right network segments at the right time. This includes access to the company\u2019s corporate wireless (and wired) networks, guest Wi-Fi, and BYOD \u2013 including operational technology (OT) networks.<\/p>\n \u201cWhile ISE takes a bit of effort to set up right, once it up and running, it\u2019s a very stable platform, easy to configure and integrates well with other security platforms like Firewall Threat Defense (FTD) and mobile device management (MDM) solutions,\u201d Fields said.<\/p>\n If he had to name three things that make Cisco ISE a solid solution for Laing O\u2019Rourke, Fields spoke of dynamic profiling that detects device type and applies the right policy, the MDM integration and compliance check that makes sure devices are up-to-date, and anomalous behaviour detection.<\/p>\n According to Fields, many years ago, a pen-tester discovered a technical gap that absolutely needed to be closed. So now when an IP phone starts to communicate as Windows traffic, for instance, ISE catches it with behavioural detection.<\/p>\n \u201cWith the lack of physical security on our project sites, along with actively inviting our competitors onto our network, seems like a disaster waiting to happen,\u201d he said. \u201cCisco ISE has proven to be an invaluable solution for segregating access between our employees and our clients and partners, protecting us from threat actors and rogue network devices.\u201d<\/p>\n Many network and security pros understand how painful it can be to secure a network \u2013 especially one that\u2019s distributed. But with a Cisco Secure Firewall in play and ISE to manage BYODs, Laing O\u2019Rourke\u2019s networking team has already seen a difference.<\/p>\n To start, those Monday morning calls about desk moves and disrupted network access are no more. Laing O\u2019Rourke is saving minutes, hours, and days, while simultaneously bolstering network security:\u00a0 something that notoriously\u2026takes time.<\/p>\n The user experience has improved, and the team has more time to focus on threats. Though Laing O\u2019Rourke uses a dual vendor approach, Cisco is the go-to for this critical, global company, with ROI already evident once the company\u2019s other firewalls were replaced with Cisco Firewalls.<\/p>\n \u201cThe [competitor] firewalls were significantly more expensive and offered no additional functionality. The replacement [Cisco] actually saved us money,\u201d Fields said. \u201cWhat I can say is one of the few things that doesn\u2019t <\/em>keep me up at night is our network uptime or network-based security \u2014 thanks to Cisco Firewall Threat Defense (FTD) and Cisco ISE.\u201d<\/p>\n Check out Cisco Secure Firewall<\/a> and (ISE) Identify Services Engine<\/a> \u2014 solutions Laing O\u2019Rourke utilized to protect their network and people. Learn more about how Cisco has helped other customers achieve Security Resilience.<\/a><\/p>\n We\u2019d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Security on social!<\/em><\/p>\n Cisco Security Social Channels<\/strong><\/p>\n Instagram<\/a><\/strong>Facebook<\/a><\/strong>Twitter<\/a><\/strong>LinkedIn<\/a><\/strong><\/p>\nMaking hot desking secure and accessible on a global scale<\/strong><\/h2>\n
Crafting security for joint ventures, and a very distributed network<\/strong><\/h2>\n
Streamlining security in the face of unnecessary, time-consuming tasks<\/strong><\/h2>\n
Using Cisco Secure Firewall to streamline access and safeguard the network <\/strong><\/h2>\n
Adding a zero-trust framework with ISE for identity<\/strong><\/h2>\n
Cisco Secure Firewall and ISE save money and time<\/strong><\/h2>\n
Want to secure your organization\u2019s hot desking?<\/strong><\/h2>\n
Making hot desking secure and accessible on a global scale<\/strong><\/span><\/h2>\n
Making hot desking secure and accessible on a global scale<\/strong><\/h2>\n
Crafting security for joint ventures, and a very distributed network<\/strong><\/h2>\n
Streamlining security in the face of unnecessary, time-consuming tasks<\/strong><\/h2>\n
Using Cisco Secure Firewall to streamline access and safeguard the network <\/strong><\/h2>\n
Adding a zero-trust framework with ISE for identity<\/strong><\/h2>\n
Cisco Secure Firewall and ISE save money and time<\/strong><\/h2>\n
Want to secure your organization\u2019s hot desking?<\/strong><\/h2>\n