Defending the Enterprise
The scramble to prepare can have positive consequences, whether or not the anticipated attack takes place.
"The 2012 Disttrack attack against Saudi Aramco, which devastated that company and put all of Saudi Arabia on its heels for half a year, led to the better successful defense of Bahrain," says Roger A. Grimes, data-driven defense evangelist at KnowBe4. "Before the Saudi Aramco attack, Middle East computer security was worse than poor. It was almost nonexistent. But losing 32,000 computers, servers, and workstations in one of the world's first nation-state attacks and the shutting down of the No. 1 wealth producer for the country has a way of creating focus."
With focus applied, Sternum Security's Tshuva says that layers of security are critical for protecting both IT and OT infrastructures. "A lot of enterprises and organizations are focusing on network security solutions to secure the network and another layer of security embedded into each and every device," she says.
Specific layers will vary according to industry. Cequence Security's Kent gives the example of the electrical grid and its member providers as an industry with specific guidelines. "So long as each of these organizations has tightened security to the NERC-CIP [North American Electric Reliability Corp. critical infrastructure protection] standards that govern the security of the grid, they should have implemented key security layers," he says.
And the layers for industry can't be confined to technology, SAP NS2's Testoni says. "Cybersecurity is cultural," he explains. "It needs to be recognized that technologies are tools in the battle, but they aren't the battle."
The security culture needs to extend to the C-suite and the executive board, Testoni says. In fact, he says he can see a day when companies are evaluated on their cybersecurity and resilience just as they are evaluated for their financial statements.
"The fact that our lives are now very dependent on cyberspace means that we have a virtual profile of ourselves on the Internet, in cyberspace, and we're exposed just as much as we are in the physical world," SCADAfence's Ben-Meir says.
And just as in the physical world, challenges should be thought of as opportunities. "I think we have to evolve the debate from whether we do cyber in organisations to how we can create value from it," Testoni says.