Cybersecurity in the infrastructure industry: Ready for radical improvement

By Manish Sharma, Vice President – Cloud, Security & Operations, Aurigo Software

Security is on everyone’s mind. Studies have shown that cybercriminals can infiltrate 93% of company networks, making security the biggest concern for companies in 2022. Average data breach costs have gone up too, from $3.86 million to $4.24 million, the highest average total cost in the 17-year history of the Cost of a Data Breach Report published by the Ponemon Institute and IBM. The cost is in addition to the impact a security breach has on a company’s reputation, the legal expenses, and the loss of productivity.

Reports indicate that in 2019, at least 966 state-owned agencies were affected by ransomware attacks that caused potential damage of over $7.5 billion. The infrastructure industry cannot afford to be at the wrong end of this trend. Just two recent examples demonstrate the threat posed by poor security beyond monetary costs: When the Colonial Pipeline, which carries 45% of the fuel consumed across the East Coast, became the victim of a ransomware attack in 2021, it resulted in panicking consumers rashly attempting to carry gasoline in bins and plastic bags, posing a threat to scores of lives. In another instance, last year, a hacker tried to poison a water treatment plant that served parts of the San Francisco Bay Area. Just this May, Costa Rica declared a national emergency in the wake of a ransomware attack.

The anxiety over security is reflected in practically every request for proposal (RFP) we get. Public and private executives want to know what we have done to put security at the forefront of our products.

The good news is that security awareness levels in the infrastructure industry are high. In fact, they are similar to those in the finance and healthcare industries—sectors which have consistently invested in security.

 
The bad news is that the infrastructure industry’s capabilities for improving security are inadequate. The lack of available talent and resources required to secure networks, applications, and data is, in a very real sense, holding public agencies to ransom. The gap between awareness and capabilities has to be addressed urgently.

One reason for the growing severity of these attacks is the proliferation of threat actors. Super-specialized outfits are building commercial tools (Ransomware as a Service, or RaaS) that enable cybercriminals to attack organizations with ease. The methods used by hackers have become diverse too: they encrypt data, hold the target company to ransom, and threaten to share the data with customers and competitors. They also compromise the nation’s power grids, hospitals, and airports. Without expert intervention, the sophisticated tools used by these hackers cannot be countered.

This is why security is the top priority at Aurigo. We understand that many systems in the infrastructure industry were created before the onset of digitization. These systems are being steadily integrated with modern digital systems, leaving behind more vulnerabilities than usual. Therefore, we believe in a holistic approach to security rather than implementing point solutions to challenges as they arise. Putting disparate solutions in place as and when required also increases the risk of being saddled with a complex security system. Instead, secure systems should be built with the following foundations in mind:

Build a solid foundation

  • Select the right cybersecurity frameworks and standards for your industry and your company
  • Adopt a defense-in-depth approach to implement multi-layered security measures to protect systems, applications, and data (see Figure 1)
  • Adopt zero trust security architecture to eliminate implicit trust and to validate electronic interactions

 
Monitor & maintain

  • Monitor the network and systems for anomalies & suspicious activities
  • Monitor and control outbound traffic and data flow to protect against data exfiltration
  • Establish a vulnerability management program to identify and eliminate vulnerabilities
  • Establish a risk management program to identify, prioritize, and treat security risks continually

 
Enroll the entire company in improving the cybersecurity posture

  • Establish a robust security awareness program for all employees
  • Establish and communicate security metrics contextualized for business needs

 
Independently verify your cybersecurity maturity

  • Seek industry certifications to validate the maturity of implementation (see Figure 2)
  • Perform periodic third-party-led penetration tests for an independent view of your security posture
  • Perform “assume breach” exercises to assess the robustness of countermeasures

 
Partner with industry leaders

  • Find strong and reliable partners to complement your team’s skills and offer support
  • Assess “trusted” vendors in your supply chain for security posture maturity
  • Partner with your cybersecurity insurance provider for a view into the security landscape

 
Continuously improve and evolve your cybersecurity posture

  • Adopt an adversary mindset to identify gaps and deploy countermeasures
  • Establish a threat-assessment program to address emerging threats

 
Building security is an ongoing practice. This is daunting as cybercriminals and nation threat actors continue to attack the country’s critical infrastructure with increasingly sophisticated technologies and methodologies. Companies or public agencies cannot afford to let security incidents impact their operations.

A well-thought-out security practice can become a flywheel for powering an organization to gain customer trust and stakeholder value.

 


Figure 1

 


Figure 2

 
