Key issues for countries and the businesses that operate within them to address in terms of climate change unfolded at the recent 28^th UN Climate Change Conference (COP28). These issues urge immediate and significant action to be taken on fossil fuels and clean energy, national adaptation and climate finance, methane reduction, land use and more.

What does environmental sustainability in business mean?

Environmental sustainability in business is the operation of a business that does not compromise the environment. A business that has considered environmental sustainability prioritises the environment’s best interest, with society and its ecosystems coming before making a profit. It involves responsible decision-making that minimizes carbon footprint or waste while simultaneously improving the quality of life for humankind and the natural world alike.

Unfortunately, however, operating businesses as usual has had an increasingly detrimental impact on our planet. According to the latest State of the Global Climate report by the WMO, 2023 was the warmest year on record at about 1.4C,increasing pressure to shift their operations to more environmentally sustainable practices. This inevitably causes businesses to consider—where do we start? How do we begin making a difference?

What is the importance of environmental sustainability in business?

According to an article published by Maryville University, businesses that do not act responsibly will result in “the majority of many species not surviving past the 21st century”, reiterating how critical it is for businesses within every industry to take part in improving their environmental surroundings.

Although companies have a way to go before fully grasping the repercussions of ever-growing carbon footprints, those willing to tackle this challenge early on will get a head start on reshaping perspectives and realities.

Environmental sustainability in business practices

Businesses can rely on the three R’s– reduce, reuse and recycle– to begin reducing their environmental impact. However, there are several other examples of practices that businesses can incorporate into their operations amplify their reduction, including:

• Life cycle assessments
• Designing environmentally friendly products/services
• Optimising product efficiency
• Decreasing supply chain carbon footprint
• Re-evaluating CSR (Corporate Social Responsibility) expenses

Benefits of environmental sustainability in business

Reduces the impact of business costs

While the cost-of-living crisis is skyrocketing, improving the energy efficiency of business operations and decreasing waste will go a long a way in bracing for the impact of unexpected business costs. Using more energy efficient lighting or reusing existing resources can be quick-fix solutions for lowering costs.

Improves a business’ reputation

Environmentally sustainable businesses are viewed as a plus, and companies are eager to highlight this fact. Companies that can go “green” show that they’re serious about making a difference in the environment and are interested in more than just profitability. Businesses that can market themselves and develop their identity around their commitment to the betterment of the planet will notice incredible results in terms of their reputation.

Who is responsible for improving environmental sustainability in a business?

Businesses have been expected to pave the way towards environmental sustainability due to their notably significant contribution towards polluting the environment through waste, gas emissions and plastics generated. The responsibility does not necessarily begin with one individual within a business though– employees at every level of the business must work together to bring about change. A few examples include:

• Business owners and leaders: Business owners and leaders are typically capable of leading strategic decision-making that influences the wider business. They can develop effective sustainability strategies and initiatives that have the power to change policy and induce change.
• Business managers and supervisors: Managers and supervisors can supply valuable insights due to their more hands-on roles. They also typically have different perspectives and understandings as to how to improve business sustainability.
• Employees: Employees can supply valuable contributions when encouraged to voice their opinions and concerns on how the business can become more sustainable.

Impact of environmental sustainability in business

The Department for Business, Energy and Industrial Strategy is striving to reach net zero carbon emissions by 2050. It’s going to take strong leadership, business-wide alignment on operations and an engaged corporate culture to successfully execute and maintain environmentally sustainable business practices. Businesses that start addressing these issues and challenge existing business processes will find themselves making a breakthrough towards becoming more environmentally sustainable while protecting the world around them.

How can CACI help you overcome these obstacles?

Our newly developed Mood Environmental Hub helps track all of your assets across multiple geographic locations and assess the environmental impact of your business.

With a single click, users can drill down from multi-site, business-level functions, to departments or even individual teams to determine asset types and locations, enabling a quick assessment of priority focus areas for improvement. It can also visualise existing data through user-friendly dashboards that show carbon impact, consumption and cost at an enterprise level.

The advanced modelling feature also outlines potential improvements, indicating ROI and carbon reduction impact. Additionally, you can easily check performance against carbon commitments such as Social Value through the initiatives tracker.

Producing carbon reduction target tracking reports or modelling for a business case is now a click away – to see how it works, you can book a demo here.

In my last blog, I explained the reasons for transforming to a Zero Trust Model. In this next blog of CACI’s Zero Trust series, I’ll explore some of the benefits and challenges to implementing Zero Trust Network Architecture (ZTNA) in your business.

Benefits of implementing Zero Trust Network Architecture

ZTNA not only improves your network security, but also enhances your business processes and protects your end-users. A few of the ways in which you and your business can benefit from Zero Trust include:

Your Network

Traditional on-premises architecture cannot support remote access at scale. ZTNA allows more remote users to securely connect to your company network via multi-factor authentication (MFA).

Secure cloud adoption
ZTNA enables the classification of access rights on the cloud so that only authorised users can access your selected assets

Overall Security

You can secure confidential data by implementing least-privileged access control and strict user authentication. This minimises the blast radius in any data leakage incident. – Protection against threats Any configuration changes are automatically triggered and analysed for suspicious activities in ZTNA, keeping down the overall risk exposure.

User Enablement

ZTNA sets up your network infrastructure so that global employees and business contractors can access your company network safely via a Virtual Protected Network (VPN). – Optimised customer experience ZTNA allows your customers to securely access any confidential data and to complete transactions anywhere by verifying their identities.

Challenges to implementation

Transforming to modern technology is always easier said than done. There are a few common hurdles to overcome in order to complete the Zero Trust journey:

‘Implicit trust’ in the legacy system

A few of my clients’ legacy systems still rely on ‘implicit trust’, which conflicts with the core principles of ZTNA. Some of their upper-layer applications are built from older protocols or conventions from when the public internet was a trustworthy space. These dated applications have been bolted onto security and data encryption layers since the evolution of technology.

You’ll need an appetite for bold change and significant investment to transform to ZTNA, and it won’t be built in one day! Most companies operate in a hybrid Zero Trust or perimeter-based mode while they make the transition.

No standardised frameworks for component creation

There are no standardised frameworks for creating commoditised Zero Trust components. Different frameworks are suggested by governments or experienced IT consulting companies based on their knowledge and experience. For instance, there are many competing products for user authentication, such as Microsoft Active Directory, Okta, Azure AD and OneTrust.

Insufficient workforce support

I’ve spoken to some companies that have admittedly not invested enough in their networking and security. This led to a lack of leadership support and security experts to drive their transformation to Zero Trust.

If this is the case in your business, you can partner with an IT outsourcing provider that will advise you on the best fit Zero Trust framework and equip you with a team of security experts to help you get there. We have some top tips on how to find the right IT outsourcing partner which you might find useful.

How CACI can help

CACI’s team of cybersecurity experts can help you improve the protection levels of your business, from Zero Trust Network Architecture, Threat Analytics, Systems Hardening, Network Analytics and Next Generation Firewalls. We perform a risk assessment to advise you on the comprehensive cybersecurity you need.

We also have experts in Cloud Network on-ramp Connectivity, such as Microsoft ExpressRoute, AWS Direct Connect, GCP Cloud Dedicated Connect and SASE/SdP/VPN technologies like Zscaler and Tailscale.

Stay tuned for my final blog, where I’ll be sharing some efficient ways to implement ZTNA. If you’d like the whole story, take a look at our Zero Trust Model whitepaper where we cover everything in these blogs.

Traditional cybersecurity paradigms focus on network-based security strategies like firewalls and other tools to monitor user activities on the network. However, digital transformation and social environment factors have driven new cybersecurity strategies to focus on protecting end-users, assets and resources. This is the prototype of the ‘Zero Trust Model’.

In this new blog series, I’ll explain the reasons for transforming to a Zero Trust Model as well as the benefits and challenges of implementing Zero Trust Network Architecture. I’ll also cover how you might efficiently implement it.

What is a Zero Trust Model?

But first things first, what exactly do we mean by ‘Zero Trust’? Well, Zero Trust is not a technology, it’s a security model with a set of guiding principles for workflow, system design and operations that can be used to improve the security posture of any classification or sensitivity level.

Zero Trust is a transformative journey rather than a complete replacement of technology. Ideally you should evaluate the security risks in your business model to before you start shifting to Zero Trust. Yet, during the COVID-19 pandemic, many companies were forced to quickly change their central-breakout remote access VPN to a Zero Trust using cloud-based equivalents such as Netskope, Zscaler or Tailscale. They then had to progressively apply Zero Trust principles, process changes and technology solutions that protect their data assets and business functions as they went along.

Now, they are often left having to operate in a hybrid Zero Trust/ perimeter-based mode while continuing to invest in IT modernisation initiatives and improve business processes – not ideal.

Why do we need a Zero Trust Model?

In the new working environment that we find ourselves, we need to look at a Zero Trust Model for a number of reasons:

Remote work and BYOD policy for employees

In the post-COVID era, remote working and a BYOD (Bring Your Own Device) policy have become the new normal. The “castle-and-moat” network security model in fixed office locations and employer-owned devices cannot cater for every employee’s needs. More staff are working out of the office using their own devices and Wi-Fi networks which are less secure in a remote working environment than in an office. You need to take a micro-level approach to authenticate and approve every access request in your network to make sure it’s secure.

Digital transformation of customer experience

The customer journey is not limited to retail shops and customers are rapidly shifting their buying behaviour to the internet and mobile applications. Thousands of personal computers and devices across the globe connect to company networks to complete transactions. This means that identity verification is critical for customers before they access their confidential data.

The high complexity of network architecture

In response to the high demand for rapid and secure access to data, anytime and anywhere, your company may operate several internal and external networks. These can include on-premises systems and cloud environments. Perimeter-based network security is then insufficient once attackers breach it whereas Zero Trust Network Architecture adds additional security layers to identity verification, such as a least-privilege access control, multi-factor authentication and endpoint verification for improved security.

Zero Trust forms a strong defence line against cyberattacks

With all these social and network environment changes, the opportunity for your network to be attacked is much greater. The median cost of cyberattacks in the UK rose 29% in 2022 with an average attack costing a business nearly £25,000.

Legacy systems, regulations and compliance practices are no longer sufficient amid increasingly sophisticated threats. Cloud environments are attractive targets for cybercriminals aiming to destroy and steal confidential business data. Amongst these different types of cyberattacks, ransomware tactics have evolved and become the most significant threat.

The Zero Trust Model is another approach to combat the emerging threat landscape which legacy security systems and perimeter approaches can no longer adequately mitigate.

How CACI can help

CACI has cybersecurity experts who can improve the protection levels of your business. Capabilities include Zero Trust Network Architecture, Threat Analytics, Systems Hardening, Network Analytics and Next Generation Firewalls. We perform risk assessment to advise clients on what comprehensive cybersecurity they need.

We also have experts in Cloud Network on-ramp Connectivity such as Microsoft ExpressRoute, AWS DirectConnect, GCP Cloud Dedicated Connect) and SASE/SdP/VPN technologies such as Zscaler and Tailscale.

In my next blog, I will be discussing the benefits and the challenges of implementing Zero Trust Network Architecture. However, if you want the whole story, have a read of our Zero Trust Model whitepaper where we cover everything in these blogs and more. Download your copy now.

Notes:

• [1] Zero Trust Network Architecture (nist.gov)
• [2] Will Rishi Sunak reassess UK cybersecurity policies? (openaccessgovernment.org)

Met Office are responsible for collecting and processing observation data, used to analyse the country’s weather and climate, at weather stations around the world and coast. The observations are valuable to several different consumers, from meteorologists forecasting the weather to climate scientists trying to predict global trends resulting from global warming.

Met Office and CACI’s SurfaceNet

Met Office have been looking to build a replacement observations platform that is more efficient and appropriate for their current needs. CACI have been working with Met Office for the last two years to deliver the next generation system: ‘SurfaceNet’, with the primary requirements being that it is cost effective and scalable.

Given Met Office’s ethos of adopting a ‘Cloud First’ approach, and its partnership with AWS, it was an obvious choice to build the system in AWS’ Cloud.  The first important decision was to select what would be our main compute resource. The observation data would be arriving once a minute and, given this spiky arrival time, Lambda proved to be the most cost-effective solution, allowing us to only pay for small periods where compute was required. The platform processes several observations from roughly 400 stations every minute – equating to 15 billion observations per month – so any marginal improvements on compute cost would soon add up.

Choosing Lambda complemented our desire to have a largely serverless system to minimise maintenance costs, using other serverless AWS resources such as S3, Aurora Serverless, DynamoDB and SQS. This approach avoided the need to provision and manage servers and the associated costs involved with this. Serverless resources are highly available by design; Aurora Serverless mandates at least two Availability Zones that the database is deployed into, while DynamoDB and S3 resources have their data intrinsically spread over multiple data centres.

Most of the data ingest occurs by remote data loggers communicating via MQTT with the platform; AWS IoT Core was the ideal resource for managing this. Using API gateway, we developed a simple API on top of IoT Core allowing those administering the system to onboard new loggers, manage their certificates and monitor their statuses. The Simple Email Service (SES) allows ingestion of data from marine buoys and ships that transmit their data via Iridium Satellite. Both IoT Core and SES are fully managed by AWS, supplying an easy method of handling data from a range of protocols with minimal operational management.

From a development perspective, the stand-out benefit of working in the cloud has been having the ability to deploy fully representative environments to test against. Our infrastructure is defined using CloudFormation, enabling each developer to stand up their own copy of the system when adding a new feature.

Eliminating the classic ‘works on my machine’ problems that plague local development allowed for rapid iteration cycles and far fewer bugs during testing. The process means constantly exercising the ability to deploy the system from scratch, which will come in handy when an unforeseen problem occurs in the future.

Whilst this suggests a flawless venture into the Cloud sector, the journey hasn’t been without problems. CloudFormation has been incredibly useful, but given the scale and the number of resources, it has become cumbersome. Despite our best mitigation efforts there is still a large amount of repetition, and the cumulative lines of YAML we have committed is on par with the number of lines of python. We would consider using the newer AWS CDK if we were to approach the project again.

Additionally, we started off making new repositories for each new Lambda, but this has ended up limiting our ability to share code effectively across components, not to mention having to update ~40 repositories when we want to update buildspecs to use a new version of python.

It has been a fascinating couple of years and a main takeaway has been that large organisations such as Met Office, with large-scale bespoke data problems, see the cloud as a desired environment for building solutions.

The maturity of the AWS platform has shown the cloud to be both robust and cheap enough to satisfy the requirements of complex systems, such as SurfaceNet, and will certainly play a big part in the future of both CACI and the Met Office.