What's Happening?
Cleanaway Waste Management, an Australian company specializing in waste, recycling, and resource recovery services, is overhauling its cybersecurity strategy in response to a changing threat landscape.
The company's chief security officer, James Court, highlighted that Cleanaway's global expansion has increased its exposure to cyber threats, necessitating a reevaluation of its security measures. The company operates a diverse technology environment, including corporate IT, mobile devices, and operational technology assets. Despite having modern detection tools, some devices remain challenging to secure. Cleanaway is consolidating its cybersecurity tools from over 20 suppliers to five strategic vendors to improve efficiency and cost-effectiveness. The company is also 18 months into a Zero Trust transformation, focusing on identity and access management as a critical component of its security strategy.
Why It's Important?
The consolidation of cybersecurity tools and the adoption of a Zero Trust model are significant for Cleanaway as they aim to enhance the company's resilience against increasingly destructive cyber threats. This move is crucial for maintaining business continuity and protecting the company's extensive network of assets, especially as it expands into new regions like New Zealand and the Middle East. The focus on identity and access management highlights the importance of securing endpoints and managing third-party risks, particularly in complex supply chains. Cleanaway's approach reflects a broader trend in the industry towards streamlined and integrated cybersecurity solutions, which can lead to improved security postures and operational efficiencies.
What's Next?
Cleanaway will continue to implement its Zero Trust strategy, with a focus on identity and access management and SD-WAN connectivity. The company will monitor the impact of consolidating its cybersecurity vendors on its long-term security posture. As Cleanaway expands its operations, it will need to remain vigilant against evolving cyber threats and ensure that its security measures are adaptable to new challenges. The company's commitment to defense in depth suggests that it will continue to evaluate and adjust its cybersecurity strategy to address emerging risks and maintain robust protection for its assets.
