- Angel Concord
The Human Elements of Industrial Cybersecurity- The Weak Link
As cyberattacks grow in sophistication over time, it is no longer an option but a requirement for organizations to integrate cybersecurity into their plans for business continuity and disaster recovery.
Making the effort to be cyber resilient means investing in the right infrastructure, systems, and processes that enable operations to continue in the case of a major cyberattack. To add, it can minimize losses from system downtime and prevent similar incidents from happening in the future.
But one thing that most organizations overlook is the fact that cyber resilience has to be collaborative. Post-cyber attack rebuilding and recovery is not solely a problem for information technology (IT) or security teams. Rather, as this article will discuss, there are human elements in industrial cybersecurity that cover various aspects of decision-making, incident response, and accountability.
Specialized OT security department
While IT is undeniably vital to data governance and modern day-to-day operations, IT professionals alone cannot take on the responsibility of handling cyber attacks to industrial equipment and systems. Organizations have encountered nearly 83% of cyber attacks in the critical infrastructures of their manufacturing, energy, or water supply systems. Yet there is still low regulatory compliance in operational technology (OT) security standards.
This prompts organizations to invest in a dedicated OT security department that not only focus on production services, but are also equipped with the cyber skills and expertise needed to protect critical infrastructure and minimize unplanned downtime during recovery. These departments can also work hand-in-hand with IT teams to secure OT networks that have adopted digital transformation in the form of internet of things (IoT) or public cloud services.
Once the joint OT/IT incident response teams have detected anomalous events or breaches in the network, it is the organization’s responsibility to implement a comprehensive communications strategy. Having an effective communications lead in place can provide support to immediate crisis needs, while also protecting the firm from long-term reputational damage. This involves taking into account both internal and external stakeholders who must be notified about the facts of the cyberattack. Additionally, it is crucial for communications personnel to be repetitive yet empathetic when updating victims, as they may still be left vulnerable to additional phishing or breach attempts.
Employees trained in cybersecurity
Organizations should also pay attention to the cybersecurity knowledge and awareness of their non-IT employees. Software company Symantec found that 71% of all targeted attacks started with phishing scams, to which employees are vulnerable as they regularly use work-related emails and devices for daily tasks. In line with professional development in today’s digital landscape, employees must have the updated cybersecurity skills that can adapt to the constantly evolving threats of cybercrimes and data breaches. Beyond knowing how to identify the telltale signs of scams, identity theft, malware, and ransomware, employers must also educate staff on how to report cyberattacks in compliance with standard protocol. This way, every employee can assist in fast-tracking response and recovery without any bottlenecks.
Legal and HR guidance
When targeted attacks involve financial liability and corporate accountability, it’s best to have the guidance and participation of legal counsels and human resources professionals. HR departments can create a safe space for post-crisis response by helping de-escalate stress levels among staff and letting them vent their concerns confidentially. On the other hand, legal officers in cybersecurity can advise the organization holistically on how to uphold trust, transparency, and business value following the cyber attack and systems recovery. While it may seem tedious to coordinate all these human-centered roles for a holistic recovery plan, the process is worthwhile and can be streamlined through professional cybersecurity solutions.
Salvador Technologies provides data backup and recovery services to organizations relying on the OT environment — from the instant Cyber Recovery Unit with quick installation and full visibility to each backup end-point, that provides full recovery and ensures operational continuity.