Turning Cyber Security
Investments into Opportunity

The complications surrounding keeping data secure and out of the hands of people with ill intent is an ever-changing challenge, due to the evolution of technology, the introduction of a growing number of devices or “endpoints” on information networks, plus the difficulty of tracking all devices and responding to security breaches—which could come from literally any one of those devices.

Major global corporations are especially at risk, due to the sheer scale at which they operate, and the value that can be obtained through unauthorized access to information, and damage that can be inflicted through malware. “There are very aggressive attackers on the cyber side,” said one endpoint security provider.

The risks continue to mount, with the fallout from a major security attack on a large US retailer in 2013 setting a precedent that sent shockwaves through corporate boardrooms. “The result of that was, the CEO got fired and the board got sued. This isn’t a nuisance or a cost of business any more, but something the board of directors will hold not just the CIO but top executives liable for,” he said.

As the Industrial Internet of Things (IIoT)—linking processes and parts in IP-connected systems and sensors—takes hold on the factory floor, security measures must meet varied challenges. Attitudes also differ by type of industry, according to a recent survey of industrial clients conducted by Automation World, which showed less awareness among batch producers. Here, the front line of defense is to prevent attackers from targeting control systems in ways that affect the quality of products and efficiency of processes, such as by making small adjustments to the systems over time. To meet this threat, security experts at Yokogawa have developed a portfolio of vendor-independent security solutions that can be integrated with the automation and control systems in order to protect endpoints from malicious or accidental infection over the course of the plant lifecycle.

According to a white paper issued in November 2015 by ARC Advisory Group, a leading technology research and advisory firm for industry and infrastructure, industrial organizations should regard security measures in the context of ongoing risk management, rather than isolated countermeasures, in order to help ensure the continuity of business and operations.

It all starts with the establishment of a solid cyber security management plan that promotes a phased investment and technology deployment based on a given company’s business requirements and scale. The right investments in operational security can help turn risk into an opportunity.