Addressing the Cybersecurity Resource Gap as Manufacturing Embraces New Technology
Don Ward, Senior Vice President, Global Services, Mission Secure
Today’s manufacturing, industrial automation, and process control network environments are increasingly digital and connected. With this digital transformation, the age of air-gapped security is quickly becoming extinct. At the same time, manufacturing environments are exposed to an ever-expanding cyber-attack surface — with network/internet-connected legacy equipment, new equipment, smart/IIoT devices, AI/ML applications, and a remote workforce.
On the heels of the massive SolarWinds and Microsoft Exchange attacks and as manufacturing has emerged as a top target for cyber adversaries, the case for cybersecurity is clear. Critical manufacturing must ensure their operations are safe and reliable — even during a cyber-attack. What remains veiled is the path to that level of cybersecurity, an initiative that requires resources.
Cybersecurity Ventures forecasts a $6 trillion total damage cost from cyber-crimes this year. Comparatively, cybersecurity investment is predicted to hit $1 trillion, a fraction of the damage cost from cyber adversaries; and 2021 is expected to have a total of 3.5 million unfilled cybersecurity roles — all published before COVID-19 and the onslaught of 2020 cyber-attacks.
Scarce cybersecurity resources remain an industry challenge, further exacerbated when adding an operational technology (OT) focus.
OT cybersecurity is notorious for being behind IT cybersecurity best practices. In the IT world, managed cybersecurity services are table stakes. But IT managed services are often not a fit for manufacturing’s operational environments prioritizing availability and integrity over confidentiality, and few IT services offer the OT expertise required to secure manufacturing operations. However, in taking a page from IT practices, managed services purpose-built for OT environments hold numerous benefits with the potential to accelerate OT cyber-attack protection for manufacturing.
By embracing managed OT cybersecurity services, manufacturing organizations can cost-effectively address their cybersecurity resource constraints, accelerate their cybersecurity initiatives, and achieve a robust OT cybersecurity posture. This presentation will discuss an OT approach to managed services, including:
Lessons Learned: Best practices and lessons learned from IT approaches to cybersecurity and OT cybersecurity practices to-date
Accelerated Security: Benefits of an actionable and resourced cybersecurity plan
Case Study: Achieving zero-trust OT cyber resiliency and robust cyber-attack protection
Don Ward contributes a wealth of technology leadership experience with over 20 years in cybersecurity, IT, and data networking. He’s built, grown, and led service departments in early-stage, high-growth, and Fortune 50 technology companies, holding senior management positions at industry leaders like Hewlett-Packard and Cisco Systems. Earlier in his career, Don built and led the global services team at TippingPoint, acquired by 3Com (now owned by Hewlett-Packard). After the 3Com acquisition, Don led the team as the Senior Director of Technical Field Operations at Hewlett-Packard. In that role, Don was responsible for technical training, certification, the Threat Management Center, and the Corporate Technology Lab, as well as support and professional services. Don holds a BS in Electronics Engineering and Telecommunications Technology from Texas A&M University.