Q&A: Mitigating Cyber Risk in Digital Transformation

[ut_spacer margin_top=”20″ margin_bottom=”20″]

[ut_spacer margin_top=”30″ margin_bottom=”30″]

The Industry 4.0 ThinkTank brought together the U.S. manufacturing sector with provocative thinkers, industry leaders and experts to help simplify and humanize the Industry 4.0 digitization process. Couldn’t make it to Chicago? No problem.

GrayMatter’s Cyber Practice Lead Scott Christensen brought back his insights to share an exclusive, all-access look at mitigating OT cyber risk in this Q&A after serving as a panel member.

[ut_spacer margin_top=”30″ margin_bottom=”30″]

“It’s a battle of kingdoms between IT teams and production teams.”

[ut_spacer margin_top=”30″ margin_bottom=”30″]

Q: What was the best success story you have?

The best one I have is a conversation with a manufacturer who said they’re going to re-architect their systems and how they’re going to go about cyber OT.

Typically, when it comes to OT cyber strategy, it’s a battle of kingdoms between IT teams and production teams. No one is sure who owns cyber in the production world, creating a lack of convergence on what the best methodology is for going forward in cyber security.

Want to learn more? Take a look at the GrayMatter Cyber Security Guide for Operational Technology.

The manufacturer’s new way of going forward would involve a team made of both cyber IT security experts and production members, such as plant managers, operational engineers or the COO.

This brings the barriers down of who has ownership of cyber production within the network, creating a team that can work together to mitigate risks.
[ut_spacer margin_top=”30″ margin_bottom=”30″]

“They get in a state of paralysis, and it can be detrimental when decisions are at a standstill.”

[ut_spacer margin_top=”30″ margin_bottom=”30″]

Q: What insights did you get from manufacturing customers on their biggest cyber struggles?

The biggest struggle I recognized was people trying to overcome their fear of the unknown. Being afraid of doing nothing will cause problems, but people are also afraid that doing something will cause greater problems. They get in a state of paralysis, and it can be detrimental when decisions are at a standstill.

The best advice I can give to a manufacturing VP is to find the quick and easy wins to justify a cyber security program. Don’t try to accomplish everything at once, because that’s when the state of paralysis happens. Look for areas to show success for deploying areas in the production world.

[ut_spacer margin_top=”30″ margin_bottom=”30″]

“Understand what you’re trying to achieve, and move forward from there.”

[ut_spacer margin_top=”30″ margin_bottom=”30″]

Q: Have most manufacturing companies started a cyber plan?

That’s the interesting part – it’s a pretty even split. Those that establish through OT cyber, a lot don’t have modification based on digitization of manufacturing floor so they’re being thrown out.

The other half haven’t even touched OT from a cyber standpoint and don’t know how to begin mitigating risks.

I get a lot of questions like ‘how do I begin?’ ‘where do I even start?’ and ‘how do I look?’

Most people don’t understand what their assets look like, what their risks are or the facts behind them. For me, the answer is pretty simple — understand what you’re trying to achieve, and move forward from there.

Learn more about the digital transformation journey — check out our eBook.

[ut_spacer margin_top=”40″ margin_bottom=”40″]

[ut_one_half]

Scott Christensen, Cyber Practice Lead at GrayMatter.

[/ut_one_half]

[ut_one_half_last]

[ut_spacer margin_top=”10″ margin_bottom=”10″]

About Scott Christensen

Based out of Houston, Scott is helping spearhead the GrayMatter cyber practice as an industry thought leader on operational technology cyber security. He specializes in helping companies struggling with risk on the journey to digital transformation and mapping out OT cyber strategies.

Follow Scott on LinkedIn

[/ut_one_half_last]