Cybersecurity's Cat - And - Mouse Trap
Every business relies on electronic information infrastructure to conduct its operations. This dependence presents both opportunities for collaboration and innovation; and risks to cyberattack and information loss.
While technologies that support data development, collection and sharing have advanced exponentially, so have the capabilities and sophistication of our cyber-adversaries. In this complex, dynamic environment, a CIO must advance enterprise IT systems while protecting company information.
Although cyber-attack types and frequency are ever-evolving, most assaults remain internet-based, either through email or compromised or malicious websites. In addition to these standard threats, new cyber-risks include the integration of operation technology into standard IT networks and a growing acknowledgment of supply chain risk.
Embedded operational technologies —hardware and software that gather and deliver analytical data about existing enterprise IT tools and processes —are increasingly proving more valuable to our IT environments. Their increased use, along with a greater overlap in historically closed industrial and private IT systems, means new security concerns are on the rise.
Gartner, Inc., a global research and advisory firm, predicts there will be about 1.7 billion new devices per year attaching to the enterprise network by 2023. Future operational technologies will have differing provisioning, security, monitoring and management requirements. A CIO must develop a plan to manage these new devices and maintain IT environmental integrity.
Multiple points of intersection across the enterprise infrastructure make an “Internet of Things” network strategy a daunting task for CIOs. Integrating and securing these devices will rely on some of the same principles that have already been defined for your current IT environment.
Managing cyber supply chain risk requires ensuring that products and services are secure and of high quality and integrity, making for a strong and resilient supply chain ecosystem
This integration of information technology and operational technology (IT/OT) relies on a complex, globally distributed and interconnected supply chain system. This supply chain system contains numerous hardware and software components from multiple vendors, so globalization of components increases the risk of supply chain compromise.
Cyber Supply Chain Risk Management—the process of identifying, assessing, and mitigating the risks associated with product supply chains —covers the entire lifecycle of a product or system (from conception to decommissioning).
Organizations are increasingly at risk of supply chain compromise, whether intentional or unintentional. Such risks are driven by threats from cyber-terrorism, counterfeits, device tampering, malware infected software and hardware, unauthorized access and data theft, unauthorized production, and poor manufacturing practices in the cyber supply chain.
Supply chain threats and vulnerabilities might compromise an IT/OT product or service at any stage. Managing cyber supply chain risk requires ensuring that products and services are secure and of high quality and integrity, making for a strong and resilient supply chain ecosystem.
The globalization of commerce and drive for low-cost, yet innovative, solutions have increased the risk of compromise to the cyber supply chain, which can ultimately be passed on to the end user.
The same principles that have been used to protect your company from cyberattacks can be used to defend yourself against both OT and supply chain threats. These principles include:
• Developing a cyber-ready workforce. Cybersecurity is not just a technology problem, it is a people, process and knowledge problem. Everyone in the company needs to be cyber-aware and adopt and implement secure cybersecurity practices. This includes training the workforce, as they are the first line of defense. Moreover, IT and cyber must make it easy for employees to do the right thing. When updating or deploying new protections, strike a balance between risk to information, ease of use and company success.
• Deploying layered protections to your IT and OT infrastructures, including multiple perimeters, logical isolation and boundary-control devices. In addition, every organization must deploy a variety of controls—technical, administrative, physical—to enforce cyber policy and defenses. Maximizing visibility into all computing environments using sophisticated monitoring, inspection and data analytics is key to detecting and remediating attacks. Employ a policy of “least privilege,” where individuals have access only to the information resources needed to accomplish assigned tasks. For an added layer of protection, implement multi-factor authentication — employ a “something you have” (biometric) and “something you know” (password) policy.
• Developing your defenses based on the principle that your systems will be (or already are)compromised. When one starts from the premise that a breach is inevitable, it changes the decision matrix regarding next steps. The question becomes not just how to prevent a breach, but how to lessen attackers’ abilities to exploit the information they have accessed and how to recover from the breach.
The threat is real, and the adversary is continually evolving, driven by varying motivations. They are outpacing us. They have the credentials to emulate our employees. They have a database of known vulnerabilities to exploit. They don’t play by any rules.
For now, that’s OK, because that’s how it is. But there is room for optimism—vulnerabilities can be patched, and credentials can be better protected by employing multi-factor authentication. We, the CIOs, will continue to forge relationships, collaborate and invest in the protection and defense of our organizations.
The explosion of technology and the ease of entry for adversaries guarantee that the cyberthreat space will continue to be a challenge for many years. By implementing some basic principles, a CIO will be able to guide their company through the increasing reliance on technology, the explosion of OT and the globalization of trade.