Intelligent CISO Issue 27 | Page 45

industry unlocked or due diligence, but a critical business requirement that needs to constantly evolve and mature by continuously assessing the threats and deploying controls to thwart such attacks to discourage the actors behind them. Otherwise, erosion of credibility and loss of revenue will be swift. In today’s hyper-competitive environment, no manufacturer can afford a disruption. The biggest change the pandemic has influenced is the extension of the perimeter. Today, a company’s assets extend beyond its networks and physical security. The only security option that exists today is for each asset to present a perimeter to protect itself because the assumption to be made is that these assets exist in an insecure environment such as insecure home networks, public Wi-Fi, etc. and thus, these assets could become conduits of entry into the company’s secure network. What steps can CIOs and CISOs within this sector take to improve their security posture? To secure assets, data and systems connected with manufacturing, a multi-pronged strategy must be adopted that includes: • Building an enterprise risk model: Look at security from an insideoutside perspective starting with visibility of all the assets deployed, assets that could be targeted and associated vulnerabilities, employees who could be targeted and then link it with strategic decisions about infrastructure, technology, process modifications and operations required to mitigate it • Evaluate supply chains linking with key processes and equipment to avoid supply chain poisoning • Fortify your threat posture: Regularly conduct ongoing rain checks on key A strong cybersecurity posture is not just a matter of choice or due diligence, but a critical business requirement. measurement criteria and targets. Align them with the prevailing threat landscape and threat actor and malware behaviour • Have regular conversations with all stakeholders and encourage employees and others to identify areas for improvement from a cybersecurity perspective www.intelligentciso.com | Issue 27 45