Add One More Fire to the List

Wednesday, March 6, 2013 @ 06:03 PM gHale


By Gregory Hale
Chief executives are in a constant state of alarm mode. They have to be thinking of the future direction of the company while making sure it is running as smoothly as possible so they can reap the greatest dividends to ensure the company’s profitability now and in years to come.

They need to plant seeds for future growth, while constantly putting out fires on any of the breaking trends they face on a daily basis. Two images that seem to contrast one another, but seem to truly come into play. Up until the past few years, the fires breaking out were difficult, time consuming, and sometimes expensive, but they were manageable because there was visibility.

RELATED STORIES
Poughkeepsie NY Utility Hacked
Security Checklist for CEOs
Malware on Oil Rigs
Stuxnet Hit 4 Oil Companies
FL Utility Suffers DDoS
Hacks Hit Big Firms

But then Stuxnet, Duqu, Flame, Night Dragon and Shamoon, all forms of some type of cyber attack, hit companies that either caused severe damage or stole some vital information.

Add one more fire to the list.

All of a sudden security, while always a thought in leaders’ minds, is now a top priority.

It only makes sense. Just look at some of the latest reports. Poughkeepsie, NY-based Central Hudson Gas and Electric is now working with state and federal authorities and industry groups to investigate a cyber attack in late February where hackers gained entry to as many as 110,000 customer accounts.

Employees detected the computer system intrusion Feb. 20. The attack occurred over a weekend, and as a result of regular control procedures, employees found the attack and reported it, the utility said.

On top of that, look at how malicious software downloaded by offshore oil workers incapacitated computer networks on some rigs and platforms, exposing gaps in security. In the offshore oil industry, that has to be a raging nightmare.

Some of these infected files downloaded directly through satellite connections, while other malicious files came aboard on laptops and USB drives infected on land.

With the millions, if not billions, of dollars in play, oil rigs, like any major organization or company, have a target on their backs and it seems amazing they all don’t have a defense in depth program that can ward off or isolate attacks that could injure the network.

The list of attacks and potential exposure goes on. But the end result is corporate data losses hit the highest levels this year since 2008 as companies work to improve data security strategies against a greater variety of more sophisticated IT attacks, according to one KPMG report.

Leaders at companies still view security as a cost center versus a potential revenue generator. After all, isn’t the real idea behind security keeping the systems up and running? If a manufacturer has a solid security plan in place that allows the system to stay up and running, they are able to produce more product, which means more revenues, which means more profits. That concept is fairly simple and straight forward, and there are folks at the top level (meaning chief executives) beginning to embrace the idea.

Yes, there are plenty of factors in play when it comes to security, but in the simplest form, manufacturers still need to keep their eye on the ball and make sure they know what they have to do to keep their systems, and assets, up and running. The message has to come from the top and it needs to be steady and consistent.

Much like safety, security is a vital part of any manufacturer’s being today and chief executives are starting to catch on. When that idea does catch on, it will be easier to safeguard the system and quell the security fire.
Talk to me: ghale@isssource.com.



Leave a Reply

You must be logged in to post a comment.