Monday, 22 July 2024
22.7 C

Why human assets are the key to protecting your company from cyber assaults

Home Engineering Automation & Control Why human assets are the key to protecting your company from cyber...
by Canninah Mapena

WHILE digital transformation and the move to the Connected Enterprise offer brilliant benefits to organisations – improved visualisation, better and faster data acquisition and processing, remote support, and informed decision-making – there is industry-wide concern that the “smart” enterprise is increasingly vulnerable.

More connected technology may mean more opportunities for cyber-attack. Add to the mix remote work, where employees are potentially working on their home or personal computers with insufficient anti-virus software, and the concern increases.

Bringing this into a manufacturing, process or mining environment, the threats presented by cyber-attacks go beyond malware, denial of service or ransomware and towards debilitating bugs and downtime. In a process operations context, risks include costly production stoppages and the potential for human harm.

One harrowing example was reported by the New York Times in 2018, where a petrochemical plant in Saudi Arabia was hit by a new kind of cyber-assault that was not designed to simply destroy data or shut down the plant. Investigators believe it was meant to sabotage the firm’s operations and trigger an explosion. Luckily, the attack was prevented by an error in the attacker’s coding.

While this is a rather drastic example, the message is clear: the risks are very real. So how can we go about protecting our Connected Enterprise?

The obvious option is to have trusted, high-quality, plant-wide industrial cybersecurity. To ensure our customers have access to this, Rockwell Automation recently acquired Oylo, an industrial cybersecurity services provider based in Spain.

Oylo is dedicated to providing a broad range of industrial control system (ICS) cybersecurity services and solutions, including assessments, turnkey implementations, managed services and incident response.

However, there is another element to consider when protecting your virtual and physical assets: your human assets. While many cybersecurity firms classify the “human aspect of cybersecurity” as a weakness or security threat due to the subjectivity of human behaviour, I am not a fan of this definition. It suggests that your own people are working against you, or don’t have company success in mind.

While it’s not impossible that deliberately malicious actors may exist within a company, logic would argue that an organisation’s own people surely prevent more attacks than they cause.

Think about it: whenever someone ignores a phishing email, they keep a network secure. When your colleague locks their computer screen before taking their lunch break, they prevent potential unauthorised access. When a staff member closes a website following a security warning, they are keeping your network secure.

At Rockwell Automation, we believe that your people can be your biggest defence. Humans have a unique ability to actively prevent attacks – it might just take some training and awareness. While digital skills are not particularly abundant in South Africa, this a showstopper.

In many cases, this can be easily rectified with some basic in-house training and perhaps annual cybersecurity workshops. This will go a long way in empowering your team to protect your company’s assets. It is worth investing some resources in upskilling and creating awareness in your team, as it will lead to improved business continuity and more resilient technological infrastructure, ensuring you maintain your company’s cutting edge.

Here are my five top tips when it comes to training your staff:

  1. Ensure your training initiatives are engaging. Blunt lectures aren’t memorable and won’t stick.
  2. Use practical examples to reinforce best practice.
  3. Hold regular refresher courses that explain new trends in cyber-attacks.
  4. Implement an incident-response policy so that staff are never in doubt about what to do in an attack scenario.
  5. Be the kind of manager your staff can approach if they have made a mistake and opened your business to risk.

As connected smart devices are introduced into the plant floor, having a comprehensive cybersecurity strategy that protects your operational technology and information technology is critical now more than ever before – and people are key in this strategy.

To be successful in your organisation’s journey to a Connected Enterprise, remember that your people are integral in this journey. Failing to consider their importance in keeping your environment secure and operational may see your company name in the next cyber-attack news headline.

Canninah Mapena is Managing Director, Rockwell Automation Africa


Most Popular

Slurry sucker system puts WWT back on track

DEVELOPED by local pump and dredging expert IPR, the SlurrySucker dredging system recently provided the ideal solution for getting the emergency water dams at...

Straddle carriers enhance container handling safety

AS the wellbeing of workers on site becomes increasingly critical in all sectors, industries that operate container handling equipment are taking a closer look...

Supplier partnership ensures construction contractor’s quality

TAKING an unconventional route into the construction sector, EB Construction’s Ben Wagner has built a solid contracting business that serves residential, commercial and industrial...

Crushing and screening customers supported

IN an environment where crushing and screening operations attach great importance to equipment uptime and productivity, an extensive footprint of 11 Sandvik entities in...