“Managers at manufacturing companies will experience how IT, digitalization, call it what you want, washes over them at an accelerating rate over the next few years. It is essential to hang on and surf into the future; otherwise, you will have to devote yourself to something else. With these premises, it is easy to address the shortcomings of cybersecurity as quickly as possible. It’s a mistake,” writes Emanuel Lipschütz of Conscia.
The goal of cybersecurity is to have a completely secure IT environment, right? No, no, no. The objective should be to deal with the security situation that prevails. Striving for perfection is not only useless; it results in poorer cybersecurity.
This is certainly hard to grasp for someone who does not have complete insight into cybersecurity. It may be tiring to hear, but the first step in working with cybersecurity in a company should be to get an idea of the current situation. Based on this analysis, it is possible to identify the resources that need protecting and basic solutions to protect them. After that, it’s time to appoint staff, design processes, and buy services and products.
Many people make the big mistake of starting with the final step: purchasing services and resources. This is based on an ambition to plug all possible security holes. It is not going to work very well. To better understand why, investigate what intrusions are already going on in a company’s IT environment. Well, that is the way it is: expect your company to already be infiltrated and base your security strategy on that insight.
A bonus tip in this context is to spend a few hours at an informal workshop to investigate and discuss what the current situation is like (or just discuss the status quo). Then consider what actions and security solutions those insights suggest, and compare them with the strategy and security solutions in place. Two very different images will appear.
The first image is based on a desire for watertight security. The second is built on the realization of the actual security situation. It is the second image that should guide your cybersecurity approach.
What does it mean in specific terms? A good example is spending fewer resources on perimeter protection and more on monitoring and analyzing calls to applications and other resources in the company’s network. Then put effort into products, services, processes, and personnel to deal with the intrusions detected. It also means having appropriate data backup and recovery procedures. Do not expect to be able to detect and handle all intrusion attempts at an early stage.
Of course, one should not completely disregard perimeter protection, with firewalls, for example. And in some situations, of course, it is crucial to act quickly. But perimeter protection is difficult when there is no longer any “perimeter” to protect. Teleworking, distributed solutions such as IoT, the use of cloud services, and, not least, the internet itself mean that it is impossible to build a security wall between a company and the outside world; this increasingly also applies to factories. Security issues need to be addressed where it is most reasonable to detect them, and in many cases that is inside the company’s network.
To be clear: without a comprehensive and thorough analysis of the current security situation and the resources that need to be protected, it is impossible to create a good strategy or solutions for cybersecurity. Striving to build walls between the business and the outside world to achieve perfect cybersecurity is pointless. It is outright dangerous because, on the one hand, it means that too few resources will be spent on the solutions that are really needed and, on the other, it will not work.
The purchase of cybersecurity products and services without a thorough analysis of the security situation means wasted money.