Cybersecurity Defense Requires a Strong Offense
Credit to Author: Nathalie Marcotte| Date: Tue, 26 Nov 2019 14:58:46 +0000
Cybersecurity is currently facing a tricky paradox. The number of attacks, and attempted attacks, is rapidly growing but as it stands, companies are struggling to adapt the right approaches in both their technology and employee education. Rapid growth in the number of connected devices and the promise of value from the IIoT makes effective cybersecurity mandatory, not optional.
As I said at Innovation Summit Barcelona, it’s important that we identify the challenges with cybersecurity and then look at some of the best tools and processes companies can adopt.
Recognizing the problems
The numbers around cybersecurity are extremely interesting, we see:
- An increase in security breaches of 67% over the last five year
- A ransomware attack occurring every 14 seconds
- 22% of security issues stemming from outdated and unpatched software
But at the same time, figures also show:
- Only 2% of IT budgets are used for security
- 70% of employees don’t understand cybersecurity
(Source: https://www.thesslstore.com/blog/80-eye-opening-cyber-security-statistics-for-2019/)
This tells us that, on one hand, everywhere you look there is an increased cybersecurity threat. On the other hand, there is some latency in addressing the challenge – so it seems there is a need for all of us to really start taking action.
Why is this so important? The average cost of a breach is $3.8 million, but we have seen some global companies spend more than $100 million reacting to a breach and fixing customer issues. And that’s just the financial cost. On top of this, firms suffer from a major impact on their reputation in the market place as well as customer confidence.
Act now before it’s too late
This is already a major challenge for many companies, and it’s only going to get worse if action is not taken. As our Chairman & CEO John-Pascal Tricoire mentioned during his keynote speech in Barcelona, the world is about to see its 200 billionth connected device, that’s 26 per individual on the planet. If we want to benefit from this and get the value from all that connectivity, we need cybersecurity as an enablement for us to really take advantage of all the promises of the IoT and digital. It’s no longer a question of competitive advantage or minimizing the damage, it’s a fundamental requirement of doing business.
Cybersecurity defense requires a strong offence
Going forward, we really need to be proactive and take some actions to lead in terms of an offensive approach. And it’s with this in mind that we at Schneider believe we can support our customers in their cybersecurity journeys.
Of course, training is up to the employer. But on the technology side of things, we believe it is an end-to-end challenge. The first way we can protect our clients is making sure all our technology is cybersecure by design – and we have a team that works across all of our technology to ensure this is the case. We do rigorous testing and the team has the authority to say no to a product going to market if they believe there are still some vulnerabilities to be fixed.
Secondly, when our team goes to customer sites, we make sure our service and engineer teams know the standard cybersecurity practices – is the system is patched at the right level, what is the customer’s cybersecurity process, and how can we make sure we are delivering the system with basic cybersecurity best practices in mind.
The last piece of the puzzle is to make sure our solution reduces the cybersecurity risk throughout the whole operation.
This is aligned with our EcoStruxure story. Our system architecture and platform consist of three layers of solutions – Connected Products, Edge Control, and Apps, Analytics & Services. Throughout this architecture, we make sure the whole thing is cybersecure end to end.
There is no way to avoid the inevitability of an attack in any business – which is why employees need to be constantly trained and educated in the best cybersecurity practices. It is important to add, that cybersecurity is always alive and evolving – it means you can be cybersecure today, but that doesn’t mean you will be tomorrow. But by implementing a cybersecurity culture, including best practices and solutions with inbuilt defenses, companies stand a better chance of fighting off attacks.
For more, I invite you to watch the Expert Learning Session on cybersecurity from Innovation Summit Barcelona, which features insight from myself, Roberto Barbieri the Head of Information Security Operations and Services at Eni, and Mary Ramsey of the International Society of Automation (ISA):
This blog post is part of a series from Innovation Summit Barcelona 2019, a two-day event that brought together more than 3,500 industry professionals, solution experts, and IoT leaders to discuss about global trends, generate bold ideas and foster digital economy. If you want to know more about it, we invite you to read the other posts from this series:
- Re-inventing buildings to be future-proof
- Empowering the Digital Transformation and Tackling the Challenges of the Edge
- Powering and digitizing the economy: The formula for a sustainable future
- Making buildings efficient, engaging, and future-ready
- The Future is Bright. Let’s invent the New Electric World!
The post Cybersecurity Defense Requires a Strong Offense appeared first on Schneider Electric Blog.