Many industrial companies have made progress in heading off cyber attacks. But, with new threats emerging and evolving, they will require greater resilience that combines cybersecurity capabilities with something more.
A cyber-resilient business brings cybersecurity capabilities together with business and enterprise resilience. Such an approach allows industrial manufacturers to respond quickly to threats so they can minimize damage and operate under attack if necessary. Moreover, industrial companies need to continue transforming and embedding this high level of security throughout their organization and its extended ecosystem to build a strong, enduring defense.
Focusing on maintaining a resilient infrastructure for the foreseeable future will be essential. According to Accenture research, automotive manufacturers alone are experiencing 160 targeted cyber attacks each year on average. However, they have been largely successful in fending off significant breaches by embracing such an approach.
Their efforts reflect those of other forward-thinking companies that also are closing the gap on attacks. Our research shows that, though targeted attacks more than doubled in the space of only one year—232 on average in 2018 vs. 106 in 2017—respondents from all of the industries we surveyed were able to prevent 87 percent of them vs. only 70 percent in 2017. This is encouraging, but obviously there is room for improvement.
Accenture analysis finds that by investing in the right cybersecurity capabilities, industrial manufacturers can achieve a sustainable level of cyber resilience.
Forging resilience
There are five steps industrial companies can take to support their goal toward greater cyber resilience:
- Build a foundation: Identify high-value assets that are critical to operations, such as assets subject to regulatory penalties or that are important to trade secrets that differentiate the organization in the marketplace. Also, make it as difficult and as costly as possible for adversaries to access assets. Limit any damage they can cause. Prioritize protection of high-value legacy assets. Create a crisis management plan.
- Pressure-test resilience: Coach data breach simulation teams to identify potential weaknesses and bring a new level of realism to testing defenses. Then, analyze what worked and what did not in order to develop a list of recommendations that will help improve the company’s overall cyber defense strategy. Make this an ongoing practice.
- Automate defense: Leverage the intelligence capabilities of breakthrough technologies, such as artificial intelligence (AI), Big Data analytics and machine learning to give your company the ability to identify, assess and respond in real time to threats and changes in risk levels. Also, practice advanced identity management techniques to stop, minimize or slow cyber adversaries. AI and robotics also can provide a reliable, consistent and automated way to give the right person access to critical data.
- Proactively use intelligence and data: Employ advanced threat intelligence to help the organization’s users better anticipate potential attacks. This requires establishing a sustainable threat intelligence program that collects and curates strategic and threat intelligence to monitor suspicious activity, including malicious insider threats which are among the most frequent types of attacks.
- Elevate the CISO role: The next-generation chief information security officer should be both business-adept and tech-savvy. This includes an understanding of what must be done to ensure future cyber resilience, including identifying needed management talent and matching the right skills with the right functions to optimize the effort. Instituting an enterprise-wide exposure and risk monitoring program to gauge success also will be critical.
Protecting the future
Identifying breaches and solving immediate issues, while remaining operational, is fundamental to sustaining cyber resilience success. Many security teams are getting more effective at finding breaches more quickly. It is taking less time to detect a security breach from months and years to just days and weeks. Industrial manufacturers that can produce this depth of protection can achieve a sustainable level of cyber resilience.
>>Brian Irwin, [email protected], is managing director of Industrial North America for Accenture.