How Can Critical Infrastructure Facilities Become Cyber-Resilient
Bringing together leaders, lawmakers and lawbreakers. Host Luke Fox explores how innovations in business and technology are redefining our trust in security measures.
Trusting a technology network is fundamental for modern business, but what happens when trust is broken because of cyber-attacks? The Trust Revolution topics the shortcomings of cybersecurity and how to close the gap. Host Luke Fox welcomed Dr. Robin Berthier, a pioneer in the field and CEO of Network Perception, a provider of corporate compliance and cybersecurity monitoring solutions for utility companies.
Berthier explained the new challenges for the utility market. “Utilities have modernized and that connectivity, especially around equipment and IoT, increase the risk for disruption and attacks.”
Berthier and Fox discussed a recent compromise to a water treatment plant. A weak cybersecurity network allowed for penetration. The attackers changed the setting of chemicals. Fortunately, the facility prevented the chemicals from going into the water supply, which could have been poisonous.
How can utilities protect against this? Berthier recommends “defense in depth or multiple layers of security.” He also cautions that companies need to change the way they think about cybersecurity. They should focus on when not if an attack occurs.
“It’s impossible to keep everything outside of the perimeter, so design a system with this in mind. Software vulnerabilities are only growing. There were 6000 in 2016 and 18,000 in 2020.”
The position Berthier urges is cyber resiliency. To achieve this, he said, “Visibility is key. Know what you have in your network and keep it up to date. Also, follow the principle of least privilege for applications.”
Cybersecurity is also a concern for more than just IT. It requires a robust compliance program, redundancy to ensure business continuity, and diversity of tools. For this to work harmoniously, teams across many departments are imperative.
While cybersecurity is becoming more complex, Berthier pointed out that simplicity and usability still matter. Balancing them with visibility, resiliency, and compliance will be the future of a cybersecurity framework.
Follow us on social media for the latest updates in B2B!