Kathleen Martin
Guest
The World Economic Forum's Global Risks Report 2022 was released last week, revealing cybersecurity is the biggest worry for business leaders in Australia in 2022.
And with good reason.
2021 saw a maelstrom of high-profile attacks, most notably Colonial Pipeline and JBS Foods in the USA, with Australian businesses suffering more than $33 billion in total losses from cybercrime, according to the Australian Cyber Security Centre.
We sat down with three leading experts on cybersecurity for their take on what businesses should be keeping front of mind and how they can mitigate security risk in 2022.
Unification of OT and IT security
According to Qualys A/NZ chief technology security officer Rahn Wakeley, one of the most important things organisations can do in 2022 to help mitigate risk is to simplify the management accountability of OT and IT security under the CISO role.
"The risk to physical equipment has been apparent for years, but the Colonial Pipeline attack has acted as a wake-up call and a salutary lesson to organisations that use any solution that exposes physical machinery to the internet," notes Wakeley.
He is a firm believer that 2022 will be the year when a single CISO becomes responsible for OT and IT security. "As we move further along the path of the fourth industrial revolution, it's inevitable that we must think of OT and IT under the same risk domain."
Wakeley also predicts a rise in ransomware related to OT assets in 2022 and notes that as cyber insurance providers are scaling back coverage on ransomware attacks, now isn't the time to sit back and hope a breach won't occur.
Critically, he is concerned that it isn't just the financial impact that businesses must consider. "Last year Gartner predicted that we'll see cyberattackers weaponising operational technology (OT) environments to successfully harm humans by 2025, so ensuring critical OT systems are protected really could be a matter of life or death."
The development of new strategies as cybercrime grows
Leaders in unified physical security software Genetec are all too familiar with the problem caused when OT and IT security are out of synch.
Genetec A/NZ general manager George Moawad notes that this can often lead to the simplest yet most important part of cyber hygiene – ensuring that all IoT devices and on-premise servers are running the most secure version of the firmware that is available – being overlooked.
According to Moawad, new models for cybersecurity will emerge. "As more devices come online and data processing becomes central to operations, businesses will need to remain agile and responsive to the evolving threat landscape. At the same time, their customers will also demand greater transparency about how they are keeping data secure and private," says Moawad.
Continue reading: https://securitybrief.com.au/story/new-year-new-rules-understanding-the-cybersecurity-danger-areas-in-2022