The phrase “employees are the weakest link in cybersecurity” is still a common thought process, even among cybersecurity professionals. Yet is it still true or just a saying we should have already ditched? What is happening in industrial IoT environments? How can businesses enhance their cybersecurity as the coronavirus pandemic continues to spread across the globe and the risk for cyber-enabled fraud explodes?
At first sight, the question seems easy to solve. Evaluating risks, analyzing vulnerabilities, applying corrective measures, setting policies and procedures and then train all collaborators appears to be an easy and sensible action plan to tackle cybersecurity issues. And yet Shodan, the search engine for the Internet of Things, continues to report thousands of IoT devices connected with default passwords or industrial control systems that do not require authentication.
How to change that to adopt a cybersecurity behavior and culture in industrial IoT environments was the subject of a new webinar jointly organized by the IOT Solutions World Congress (IOTSWC) and the Industrial Internet Consortium (IIC). Sponsored by the Catalan Ministry for Digital Policy and Public Administration, the session, led by two IT security experts, made it clear that “detecting threats is important but being able to respond immediately is even more crucial.”
Manel Garcia, Business Unit Director at Aubay Spain, opened up his speech by stressing that cybercriminals have taken advantage of the COVID pandemic as they have a highly emotional issue ready to exploit. In fact, several reports point to an increase in online scams and phishing, disruptive malware, data harvesting malware and misinformation as a result of the shift to remote working. In this sense, the speaker praised the effort made by the industrial sector and the Cybersecurity Agency of Catalonia to publish a guide to avoid cybersecurity problems.
He followed up by recalling some key actions enterprises can take. Monitoring the company’s network, patching and updating anything that is necessary, reviewing configurations, backing up more often, segmenting and isolating according to risk and value criteria, correlating data from various sources and, altogether, automating and orchestrating can help cope with potential damage.
Garcia also highlighted the need to monitor disparate information silos and apply Machine Learning to find important hidden issues, i.e. the needle in the haystack. And the end of the day, he said, security problems are related to technology, people, or processes.
Albert Vives, Corporate Security Manager at Applus IDIADA, agreed that there is still “a lack of understanding of cybersecurity threats”. In this light, he also underlined that businesses need to “understand the challenges they face before securing their environment.” And that means “aligning Information Technology and Operations Technology to execute an integrated security.”
However, these actions are difficult to put into practice unless businesses provide support from specialized teams, deploy specific security awareness programs, and join communities and networks to stay up to date. Because, in the end, cybersecurity is everyone’s concern.