Tony Mannion, Sales Development Manager, SolutionsPT examines the important
considerations businesses must make as they reach enterprise-wide connectivity.
The journey of digital transformation (DX) opens the flow of data throughout an
enterprise with a view to delivering value at each step. From the boardroom to the
plant floor, this data can be collated and contextualised to improve overall
efficiency and productivity. While the benefits of advancing digital transformation
are plain to see, businesses can be hesitant to break down data silos due to
cyber security concerns. This worry is also a barrier that holds many companies
back from exploring Cloud-based technologies. However, holding back on digital
transformation is counter-productive. The one-way journey of DX is inevitable
and businesses which fail to transform will not be competitive. In fact they will
soon become unsustainable. With that in mind, companies must take steps to
ensure their network security and set about their DX strategy with vigour and
confidence.
Old and new threats
The first step for most digital plants when considering cyber-attack mitigation is to
achieve the same training standards for Operational Technology (OT) staff as for IT
staff. It may seem an obvious starting point, but the threat of infected USB sticks is still
very real and many cyber attackers will still use such opportunistic tactics to gain easy
access to a system. Any employee, no matter where in the supply chain they sit, should
adopt a trust no file, trust no device approach. Businesses looking to eliminate this
worry should implement industrial control system removable media protection as part of
their digital transformation strategy. Self-contained scanning stations are imperative for
protecting critical industrial environments from all removable media including USBs and
CDs, stopping threats from traversing the air gap into the OT network.
New cyber threats mirror digital transformation, as their targets advance, the attacks
become more sophisticated. This is why businesses need to adopt regular and strict
security assessments that are seen as much more than a box ticking exercise. What
may have protected you from cyber threats in the past can easily become obsolete as
new systems are added to a growing enterprise and new attack angles are employed by
hackers. Cyber security should be viewed in the same way as digital transformation – an
always evolving journey that requires regular intervention and course correction from all
employees.
Any successful cyber security strategy requires consideration of people, process, and
technology. Each element working in isolation won’t provide adequate protection, but all
three working together will help create much a more robust cyber security posture as a
business advances in digital transformation.
Mitigating risk
While it is possible for a company to put in place every possible cyber protection, there
will always be risk. In the same way as when we jump into a car, no one ever has the
intention to have an accident and most take active steps to mitigate risk as much as
possible through safe driving and due diligence. The same could be said for cyber
security, even with all protection in place the risk will never be zero. This has given rise
to cyber insurance, providing coverage for events including data breaches, downtimes,
malware, ransomware, phishing, DDoS, hacking and insider threats. Insurance of this
kind was previously reserved for companies with earnings between £1 – £9million, but
now companies with revenues between £100,000 – £500,000 should expect just as
many cyberattacks.
Including cyber insurance should be part of most SMEs’ digital transformation journeys,
especially as the most common point of attack is on cloud servers. The pandemic
caused a rapid growth in remote working that hasn’t gone away in a post-pandemic
world and this has caused hackers to adapt their approach. Businesses must adapt with
them and ensure each point of their growing digital footprint is protected.
While cyber security considerations can seem doom and gloom, with the next threat
always waiting around the corner for the slightest slip up, taking these steps into
consideration can offer vital protection. The best way to mitigate cyber risk as much as
possible is to have the right expertise close by, be that within your own organisation or
through your digital transformation ecosystem. Dedicated experience and
understanding to the always changing world of industrial cyber attacks will be the
guiding hand that navigates through these considerations, training, and new
technologies to ensure those critical OT systems are protected.
Advance your digital transformation journey and unlock a host of benefits with an EAM
solution that supports your business now and in the future. Enquire about the joint
offering from SolutionsPT and IFS Ultimo here.
