IT infrastructures must consistently become more resilient. Zero-trust networks, secured remote access and the use of endpoint detection and response (EDR) will be essential in the future. As the Industrial Internet of Things (IIoT) is increasingly the focus of hackers, it is also advisable to combine IT and OT security. It is also extremely important to focus on educating and raising awareness among employees. However, this is only effective if awareness campaigns are carried out continuously.
Taking a holistic and consolidated view of security – along with risk management – is becoming increasingly necessary. Over a third of Europe’s critical operators and digital service providers still do not operate a Security Operations Center (SOC). In the energy sector, fewer than 1 in 3 operators have their OT processes monitored by an in-house SOC or a managed security service provider.
Cyber security becomes a strategic top-level decision
Chief information security officers (CISOs) can avert damage by putting the right products, processes and people in place. However, a successful ransomware attack, coupled with the encryption of critical information, has an overall business impact. In fact, deciding whether to pay a ransom in the event of an emergency is a strategic business decision, and it is not solely the responsibility of the CISO. Preparation for cyber attacks, supported by training such as table-top exercises, is a key element of business continuity. In addition, business leaders are becoming more vulnerable to extortion due to time and decision-making pressure. This is another problem that needs to be taken into account. Strong cyber resilience has therefore long since ceased to be the sole responsibility of the IT department; it must become a strategic issue that preserves the organization's ability to act.