Operational technology (OT) cybersecurity is a valuable part of many sectors that use machinery or have an industrial component. Industries like oil, steel, chemicals, and other manufacturing rely on OT in order to operate efficiently and meet organization goals. But, OT can face various downsides if not secured including an increase in manufacturing accidents and hazardous environmental events. In order for organizations to stay safe and on track with their goals, McKinsey suggests focusing on the confidentiality, integrity, and availability of OT and manufacturing systems as a whole. Many widespread industrial cyberattacks happened across the globe in 2020 and McKinsey provides a few suggestions on how the industrial sector can strengthen their security:
First, businesses should focus on the non-technical side of OT security by getting executives from all departments involved. For example, simulating an OT cyberattack and practicing a response is a great interactive strategy to help everyone understand the impact it could have on the company. Establishing a cybersecurity committee is another solution for improving information security from a non-technical standpoint.
Communicating the risks information security faces is also key to the success of a company. Technical IT jargon can get confusing so it’s important to state the risks through relatable terms or examples when business stakeholders are involved. Also using qualitative and quantitative measures for how OT security impacts the business will ensure that all executives are on board with security measures and understand the risks their company faces.
Finally, using holistic techniques to assess the information security status is a helpful way to determine how certain measures can be improved and if there are any gaps in the system. Open-source intelligence (OSINT) gives detailed information on leaked data and system setups so that IT teams can determine where their biggest threats lie. Other risk assessments and third party security services are the perfect solutions to find weaknesses in your information security plans and improve your company’s defense against hackers.
Learn more about McKinsey’s strategies to strengthen IT security here.