Manufacturer vs Information Security…Who’s Going to Win???
Roy Whitehead
Get the full picture of the jigsaw puzzle ?? CISO/CTO/PD I help organisations and individuals deliver AI, Security (Cyber/OT), Tech and Personal Potential using Leadership and Diversity
Is your digital and industrial environment disconnected?
Are you being told that Industrial Control Systems ICS aka OT are out of your scope?
Too often I've seen cyber security considered out of bounds from the traditional industrial side of the business often with no rationale, certainly not based on risk just because of internal politics
The digital side of the business may seem like another world to the manufacturing side.
At board level for its business model to function any manufacturer, transport, utlities etc. company for example, must leverage talents and expertise from all parts of the business and technology.
The irony is information and cyber security delivery and broader expertise can easily be applied to both!
Foreign states are actively targeting manufacturers, utilities, transport providers etc.
It’s not just something happening to other people.? Their motives range from industrial espionage through to service disruption and more.
Industrial frameworks and standards like COBIT, ISO27001, IEC 62443 etc. have many similarities and overlaps.
The same threats are present to the business as a whole not just the digital or industrial side
That supports the view that your current in-house team already have many of the capabilities and qualities necessary to expand their scope into the manufacturing side.
领英推荐
So, how do we overcome this?
Start talking and breaking down those barriers.
I actively reach out to the ‘other’ side of the business especially safety even if it just starts with the first common ground relationship.
I often find that delivery methodologies we see in the digital space like Prince 2, MSP, SCRUM, SAFe and skills can be applied to all these areas.
Waterfall delivery originally came from the manufacturing world because of the need to get products manufactured efficiently
Agile is something that can still be wonderfully applied back from digital into the industrialised side.
One final thought...Health and Safety taken so seriously by many and security are cousins.
?? ??If you’d like to know more about how security can deliver to your broader business, reach out to me for a complimentary call.
Roy Whitehead is a veteran, innovative Programme ?Director, Manager and often Advisor. Previously CISO (ITSO) and PD at British Energy/EDF.
?
Thank Roy. A good read and a sector that is a huge target.
Get the full picture of the jigsaw puzzle ?? CISO/CTO/PD I help organisations and individuals deliver AI, Security (Cyber/OT), Tech and Personal Potential using Leadership and Diversity
6 个月Here's one example of a recent threat warning by the NCSC (that is GCHQ) on PLC (Programmable Logic Controllers)....so...keep them peeled... https://www.ncsc.gov.uk/news/ncsc-statement-following-exploitation-of-unitronics-programmable-logic-controllers