Kiran Zachariah, Vice President, Digital Security at Sectrio, elaborates on the steps to be taken to secure the digital transformation journey.
With digital transformation investments gathering pace since the onset of Covid-19, new focus areas within the domain are now emerging. Data management and IT competency augmentation, information technology revamp, information and data stewardship, workplace transformation, and greater operational transparency are all areas where companies have made headway through digital transformation projects.
Such progress has placed added emphasis on securing the value derived from digital transformation initiatives (to justify further investments to accelerate the journey). From large-scale automation and the infusion of data-driven visibility into operations to remote management of critical infrastructure, there are four areas that businesses need to address on priority from a cybersecurity standpoint to fast-track their digital transformation initiatives:
- Addressing existing and new vulnerabilities through a diligent and disciplined effort
- Embracing frameworks such as Zero Trust and IEC 62443 to improve the overall security posture while paying attention to granular security management details such as network segregation, access control and network visibility
- Streamlining and scrutinizing supply chains and the entire vendor eco-system
- Operating with contextual threat intelligence
Let’s now look at each of these aspects in detail.
Addressing vulnerabilities: When it comes to OT security, we noticed many companies are adding new and untested devices to their networks without paying attention to their impact on the network as a whole. Unless such devices are scanned by a vulnerability scanner that can study them for CVEs, they can open the door for threats to move in and derail your digital transformation. Visibility into what is connected to your network and its activity footprint is essential.
Embracing frameworks: Zero Trust and IEC 62443 afford businesses a range of opportunities for improving digital transformation security. Businesses need to pay more attention to them.
IEC 62443, for instance, spells out a series of requirements and associated methods to diligently manage security challenges in IACS and industrial environments. It includes measures to protect data, ensure system integrity, and deploy appropriate countermeasures to thwart adversarial activity.
The Zero Trust framework, on the other hand, adopts the principle that trust is earned rather than implied or accorded by default. This means that every network component has to act in a manner that promotes a posture of trust and confidence when viewed through the lens of cybersecurity. While moving away from dated perimeter-based security efforts, Zero Trust enables:
- Operational visibility across the enterprise
- Simplification of device security management
- Improved data protection
- Remote workforce access security
- Streamlining of authentication with all users and devices being treated equally in terms of access privileges
Supply chain security management: This is an often overlooked aspect of cybersecurity, which is why the threats emerging from extended and limited supply chains can be destructive. IoT and OT projects often rely on supply chains that extend across geographies. Keeping supply chains secure by having vendors comply with security standards is a recommended practice.
Cyber threat intelligence: The right threat intelligence can mean the difference between threat detection and a cyberattack. Contextual threat intelligence bridges this gap effectively by ensuring the early detection of threats. Here are some of the benefits that one can accrue by using the right threat intelligence source:
- Improved SecOps efficiency: rich, qualitative, and contextual OT and IoT threat intelligence will enable your security teams to focus on the right threats without wasting time on false positives
- Save costs: threat intelligence can help you detect threats early, thereby preventing loss of data or revenue (due to downtime, loss of credibility, or ransom)
- Protect data
- Prevent a breach