Topics In Demand
Notification
New

No notification found.

Blog
Industrial Cybersecurity Enables Digital Transformation

April 27, 2020

378

0

Industrial cybersecurity is a critical requirement in a digitally connected world.  It is primarily about the convergence of safety from the OT (operational technology) environment and the goals of security from the IT environment.  At the recent ARC Industry Forum in Orlando, ARC’s cybersecurity lead Sid Snitkin and Scott Christensen, Cyber Practice Director at GrayMatter Systems, had an in-depth discussion on industrial cybersecurity.   You can watch the video here or on YouTube.

GrayMatter’s Approach to Industrial Cybersecurity

Sid’s opening question was: “Industrial cybersecurity spans a very broad set of technologies and services.  Where does GrayMatter’s offerings fit in this complex environment?”

The company focuses on a couple of things, explained Scott.  First, we focus on how to provide defense-in-depth to our customers, i.e., multiple layers of defense.  Next, we help companies with technology decisions.  “Because there’s quite a bit of white noise out there, and a lot of different products, a lot of different solution sets.  And not everything’s a great fit.  So, a lot of times, we work with our customers to help them decide what’s the best technology, and what’s the best way to apply that technology.”

IT and OT Cybersecurity

IT cybersecurity is a priority across all industries, but industries, like oil & gas and power, also face OT cybersecurity challenges, opined Sid.  How can GrayMatter help these companies improve their OT cybersecurity?

Scott responded that they have witnessed this interesting dynamic.  There’s usually a heavy investment on the IT side – and that is where most of the cost center is located.  But, there doesn’t seem to be much focus on protecting the actual revenue generating assets.  Now, people are realizing that, and “there’s been a transition to increase cybersecurity maturity on the OT side of the house.”

Major Threats to OT Cybersecurity

Discussing the major threats to companies today in the OT world, Scott said that ransomware is no longer an OT problem or IT problem, it’s just across the board.  “And the other thing we’re starting to see is a lot more focus on unintentional internal threat actors.  People not following best practices, sharing passwords, etc.”  These are increasingly being addressed in the industry.

Aligning People, Processes, and Technologies

“I think a lot of times we jump to the technology, looking for the mousetrap that fixes all the problems. And I think a lot of times we skip over the people and the process,” said Scott.  “We need to consider if we are following good practices, and if the people are aware of why cybersecurity is required.  People don’t realize that what’s convenient (like sticky notes or dual NIC cards) can be a vulnerable point.  So, we must start moving away from what’s convenient to what’s secure, and enabling that to happen.”

Customers are also confused about which standards to apply and engage in a maturity model that allows them to grow the cybersecurity program.  This is where GrayMatter can guide them.

Cybersecurity Enables Digital Transformation

Scott explained that when it comes to digital transformation, cybersecurity is often considered a disabler. But  this is a wrong notion.  “Digital transformation and enablement need to go together.” Clients are so used to security telling them that certain procedures can’t be done.  It’s not as if the security person doesn’t want to enable things, but he doesn’t know the way to do it.  That’s where GrayMatter steps in and shows the customer a practical way to do a lot of it (remote access, segmentation etc.).  The company shows and guides them towards ways to do things differently and better.  And once that’s done, cybersecurity is no longer viewed as a roadblock and “becomes much more collaborative with digital transformation.”

“Reprinted with permission, original blog was posted here”. You may also visit here for more such insights on the digital transformation of industry.

About ARC Advisory Group (www.arcweb.com): Founded in 1986, ARC Advisory Group is a Boston based leading technology research and advisory firm for industry and infrastructure.

For further information or to provide feedback on this article, please contact RPaira@arcweb.com

About the Author:

Sid Snitkin

Sid’s responsibilities include leadership of ARC’s Industrial Cybersecurity practice, which develops products and services for protecting industrial facilities.  Sid also supports ARC clients in Asset Lifecycle Information Management and the Industrial Internet of Things (IIoT).  Sid has over 30 years of experience in automation, information systems, and manufacturing. His background includes extensive experience in the metals industry, including engineering design, construction and automation of Ironmaking, Steelmaking, Rolling, and processing facilities.


That the contents of third-party articles/blogs published here on the website, and the interpretation of all information in the article/blogs such as data, maps, numbers, opinions etc. displayed in the article/blogs and views or the opinions expressed within the content are solely of the author's; and do not reflect the opinions and beliefs of NASSCOM or its affiliates in any manner. NASSCOM does not take any liability w.r.t. content in any manner and will not be liable in any manner whatsoever for any kind of liability arising out of any act, error or omission. The contents of third-party article/blogs published, are provided solely as convenience; and the presence of these articles/blogs should not, under any circumstances, be considered as an endorsement of the contents by NASSCOM in any manner; and if you chose to access these articles/blogs , you do so at your own risk.


© Copyright nasscom. All Rights Reserved.