As companies look to advance in DX, so must their attitudes to cyber security, writes Tony Mannion, Sales Development Manager, SolutionsPT.
Digital transformation (DX) requires a mastery of available data from the plant floor and throughout the enterprise to make significant gains in productivity and efficiency.
There are few areas of industry that do not stand to gain from DX, and few companies that haven’t at least started their journey towards a more digitised future. While enabling the free movement of contextualised data opens up a plethora of benefits, it is vital to ensure that cyber security measures keep pace with the changes to limit the risk posed by hackers.
Digital transformation is an inevitable, one-way journey. Companies that don’t advance will see themselves quickly overtaken by competitors, so, how do businesses advance in DX while ensuring they maintain a strong security posture against new threats?
New cyber threats mean new cyber security
The first step is to understand how cyber-attacks have changed in recent years. Some old threats still remain, but while most operators wouldn’t dream of putting an unknown USB into their system, it is still a potential weakness exposed by hackers.
Newer, more evolved threats come from attackers targeting the increasing connectivity between networks that were previously separated. Cyber-attacks that might previously have been isolated incidents can now quickly spread to the entire enterprise.
This brings me to the first step every company should take when embarking on a digital transformation journey, and that is implementing a DMZ (demilitarized zone) between any connections. This perimeter network isolates and protects a business’ local area network (LAN) from untrusted sources.
It may sound counter-intuitive that when trying to share data as widely as possible through the enterprise, the first step should be to isolate different areas, but done properly, DMZs allow smooth data flow within the business and retain the ability to isolate networks at point of need. The best of both worlds, you might say.
Threat levels
Having taken the initial steps for cyber protection, companies next need to understand the level of cyber threat they face – their risk exposure.
There are three main types of threat, the first is commonly reported in the news and probably the most expected cyber-attack - which is disruption. This usually involves hackers targeting infrastructure such as energy generation or water/wastewater treatment with the goal of disrupting operations.
This results in the attacked company being unable to operate normally, with the associated risk to public health and company profits until the problem is resolved. A high threat level like this requires a sophisticated hacker and there is plenty of evidence to suggest many such high-profile attacks are state sponsored.
For the majority of enterprises, the main threat level comes from Ransomware, the second type of threat. Ransomware can be targeted at a specific company or more opportunistically, with a collateral damage approach where a hack is sent out into the digital wild to find unprotected (often OT) systems.
Attacks like this are why every company in every sector needs to take cybersecurity seriously as they advance in DX. It isn’t necessarily about being on the radar of hackers, it’s about protecting your systems so they aren’t an easy target.
The third and final threat level that needs to be considered is from within. A growing trend in recent cyber-attacks is that they are perpetrated by a disgruntled (or bribed) employee – one who already has access to the system and can bypass a level of protection.
Depending on the sector, this can type of attack can put workers lives in danger. This type of threat is why setting up a DMZ is a critical step in DX cyber protection. You could think of it as being able to seal off leaking sections of a submarine to contain the water and safeguard the rest of the vessel.
Cyber security for successful digital transformation – essential steps on the journey
1. OT training to the standards of IT
With a multitude of cyber-threats, companies often find themselves asking who is responsible for cybersecurity. The short answer is everyone. Traditionally, cybersecurity has remained firmly a responsibility of IT, but as every device becomes part of a wider IIoT network, OT staff must now be included in robust cyber security training.
Implementing cyber-secure practices can face reluctance from OT staff in manufacturing and process environments where legacy assets are running their systems 24 hours a day, 7 days a week. Any disruption to this service will have a big impact on the business so can be seen as a barrier to developing a robust cybersecurity protection programme.
Businesses trying to overcome this barrier must ask if the cost of updating outweighs the risk of a potential cyber-attack. In all cases the answer should be no. Companies must take steps now to bring OT devices up to the cyber-protection level of IT systems, and the same goes for OT staff training.
2. Assess your systems
Once a DMZ has been established as the absolute first step while embarking on a digital transformation journey, it’s time to assess your systems. As with the training, regular assessments are commonplace among IT companies and security departments, but it needs to become a regular task for OT staff also. These assessments become more crucial as new assets join the network opening up potential new targets for hackers.
Security assessments need to be seen as more than a box ticking exercise, especially around cloud security breaches. What has always worked in the past may not work in the context of a digital transformation journey that will change and develop. Security assessments must take into account how systems are protected currently and, importantly, how will they be protected in the future as more digital technology is added. Businesses can’t simply rely on the latest security technology and feel secure, there is no single solution that will protect a company indefinitely. Cybersecurity must be viewed the same way as digital transformation, a constantly evolving journey that requires input and investment from all employees.
3. Expert partnership
For many businesses, large and small, it isn’t likely that all the expert insight you will ever need can be found in-house. Sometimes it is integral to a successful digital transformation cybersecurity strategy that advancing companies bring in a partner organisation. One that can align with said strategy but also comes with a wealth of knowledge and experience in guiding businesses through digital transformation. The new risks and opportunities for hackers may not be apparent to the onsite cybersecurity team, companies should seek expert partners that have extensive experience in OT cybersecurity, especially in the context of a rapidly advancing DX journey.
The reason we describe this as a partnership is because it is never ending. Hiring a temporary consultant will only bring the cybersecurity level up to that date without considering future needs. The upgrade, retest, update, and training protocols need to be seen as a constant process within a business, that’s why having a partner organisation is an integral step for ensuring protection now and for the future.
The secret to a successful cyber security strategy that aligns with a digital transformation journey is an equal balance of people, process, and technology. Any single element working in isolation will not protect a company from the varied threats that exist, companies need to plan for cyber security the same way they plan for digital transformation. It is a necessary journey, one that will continue to change as technology develops but it must include every member of staff, no matter their role.
Add a Comment
No messages on this article yet