Global research shows nearly two-thirds of organizations have seen a rise in cyberattacks and about half have experienced a breach. What can be done? I have some thoughts. The numbers are very interesting when you look at the state of cybersecurity today and some of the possible solutions.
Splunk’s State of Security 2022, surveyed more than 1,200 security leaders. According to the report, 79% have encountered a ransomware attack and 35% admit that one or more of those attacks led them to lose access to data and systems. So, what then can be done?
I recently sat in on an AEC (architecture, engineering, and construction) session that narrowed in on cybersecurity in the construction industry and Claire Rutkowski, CIO (chief information officer), Bentley Systems, gave some very tactical advice for how construction companies can approach cybersecurity in this day and age.
One of her biggest recommendations is that it is really important that the CIO, CISO (chief information security officer), and the CFO (chief financial officer) are on the same page.
“Security and the degree to which you have the appropriate tools, and resources, and systems in place depends on how much risk you are willing to accept and how much money you have to spend,” she says. “If you are willing to accept a high degree of risk, you probably don’t need to invest a lot, but know you will pay for it later. And if you are, no, we can’t have any risk, we want to minimize the risk as much as possible, then you are going to be higher on the cost continuum.”
Here are some questions to consider when ensuring the CIO, CISO, and CFO are on the same page:
- What are our critical assets?
- What are the risks and vulnerabilities of each critical asset?
- What are we doing to protect them?
- Do they have multiple layers of protection?
- Do we have malware and phishing filters on our email? How effective are they?
- Do we have training? Do we send out suspicious emails to test this training?
- Do we know who is logging into our network and from where?
Secondly, and building on this idea, Rutkowski also recommends it is essential to have an incident response and communication plan in place that way when you are in the moment of an attack you know exactly what you need to do.
Here is just a sampling of things to consider in an incident response and communication plan:
- Who do you need to call? Who is calling cyber insurance? Who is calling the FBI?
- What are the contractual obligations?
- Does someone have a list of everyone’s cellphone numbers?
- How often is this plan tested?
- Are you tracking information leaving the organization?
- Can machines be remotely wiped?
These are just a handful of considerations. The bottomline is you do not want to be determining what to do in the moment of an attack. You want to have all those details worked out ahead of time. What would you add? What do we need in terms of cybersecurity today? What do you have in your incident response and communication plan?
Want to tweet about this article? Use hashtags #construction #IoT #sustainability #AI #5G #cloud #edge #futureofwork #infrastructure