Why data security is still one of the hardest challenges for many organizations
Data security remains one of the biggest challenges facing industry, and as technology delivers increasing interconnection and digitalization, assuring data security in every sector needs to be a long-term investment.
For many organizations, this continuous process requires an initial step change in mindset, implemented in a sustainable and efficient way.
Cyber security needs are now not just recognized, they are also discussed and debated at board level. Corporate executives are seeing the impact of security concerns on share price, and failure to address cyber risk can result in large fines. The cost of incidents is being fully understood, and we are seeing corporate boards held liable for insufficient security controls.
Almost a third of respondents to the Kaspersky Lab State of Industrial Cybersecurity report in 2018 believed it very likely that they will be targeted by a cyber-attack. Obvioiusly, we are way past the point of data security not being taken seriously. So why is effective cyber security still such a challenge?
A hard problem to solve
Organizations know they need to manage risk and threats from data security, but they face several challenges in doing this effectively:
The future of data security
Thinking more holistically, data will, in the long-term, provide opportunities to bring together predictive maintenance, operational improvements and cyber security. Changes will mean fewer and fewer data systems, and the same data structure implemented throughout an organization.
A modern cyber security system protects industrial vulnerabilities across plants, simplifying secure day-to-day operations and supporting compliance activities. This will allow focusing on revenue-generating operations, not routine security.
We can look at modeling the flow of data by individual users. What does a plant engineer need, compared to an operator? Technology has enabled monitoring without the need for major infrastructure changes. With this new ability to monitor not only data flows but also data sets and types, coupled with strong data modeling tools now available to industry, we can share insights to enable better decision-making.
With isolated control systems, previous monitoring was available only at an end point. Now, we can monitor in real-time, take advantage of security operation centers and use this real-time data. We can monitor, and crucially understand, what is going on. With a distributed architecture, we can get data out and across entire organizations, not just in isolated operations.
The risk and the solution
The real risk is not having the discussion. If you want to be a digital innovator, you need to get the near real-time data to the C-suite. What has your organization defined as an acceptable risk at board level? And have they budgeted accordingly for this?
The key to success is having a risk adjustment mindset and engaging with stakeholders - both externally and internally. Everyone needs to be involved – it’s not just an IT project.
In order to master industrial data security challenges, companies need to develop a strategy. They need to have an organization and incident response plan and put measures into place. Of course, this also involves ensuring there is enough funding to work smoothly.
For effective scale, companies need to address critical points of a reference architecture – standardizing security technology, and planning around monitoring, vulnerability management and incident response.
A disciplined focus on making risk adjusted decisions is vital. The principles of risk management are so important when implementing a security program. When we talk about security, we are also talking about culture. So, everything you would do to drive a major initiative in a corporation must start with culture.
Cyber security is a five-step process that we characterize as identify, protect, detect, respond and recover, and consult.