First Person: Putting a Cyber Defense Plan in Place
To find out more about the current cyber threats companies are facing and their responses to such threats, Area Development’s staff writer, Lisa Bastian, interviewed Michael Morris, a managing director in Deloitte’s Cyber Detect & Respond practice.
Q1 2023
Morris: Many IIoT devices were built with a specific function in mind at a time when security wasn’t a high priority. As more and more devices connect to the Internet, organizations’ cyber-attack surfaces have grown, and now span all of their critical business areas. As industrial, manufacturing, or other organizations look to defend against cyber threats, they need to begin inventorying and monitoring all of their connected assets, including information technology (IT), operational technology (OT), Internet of things (IoT), and industrial Internet of things (IIoT). Since cyber adversaries will take advantage of any organization’s security blind spots, organizations would be wise to build visibility across all of their tech assets.
AD: What data is most attractive to cyber thieves and why?
Morris: While motives vary by different cyber adversarial groups (e.g., cyber criminals, hacktivists, and nation-states), it’s important to discern those motivations as they highly impact where harmful, disruptive activity will focus. Unfortunately, most organizations need to deal with multiple adversaries at a time, making cybersecurity a difficult job. Cyber criminals typically look for financial gains through intellectual property, personally identifiable information (PII), or business critical data. Hacktivists usually focus on what they can do to disrupt business activities or expose internal organization information. And, nation-states are most likely to target unique intellectual property or access to critical systems.
AD: What basic elements make up a great cyber defense plan? What extra services should be added for optimal protection?
Morris: There are several basic elements needed for a cyber defense plan. These include identifying core critical systems that have the biggest impact to business success, enabling the monitoring of those systems, and enabling automation to identify anomalous and malicious behaviors to mitigate threats as quickly as possible. Threat actors often leverage a lot of the same technology that cyber risk management programs do, so enabling and building your organization’s security capabilities to counter them as soon as they’re identified is key in protecting the business.
AD: Which cyber services are best to be outsourced, and why?
Morris: There are many cyber services that managed service providers can provide. For example, we’ve seen an upward trend in organizations hiring managed detection and response (MDR) providers to cost-effectively address increasingly complex threat landscapes employing skilled cyber talent that’s often hard to come by in an incredibly tight job market.
AD: What are some of the most promising new cyber defense tools in the works?
Morris: One new approach we see in the market is the use of proactive cyber defense platforms. These non-persistent agent deployments can enable adversary pursuit — or threat-hunting teams — to leverage cyber threat intelligence and automation to quickly find and mitigate non-signatured attacks. Using new platforms like this allows the defensive cyber team to proactively “flip the script” on the attacker by detecting and mitigating threats before they’ve been able to cause major disruptions.
AD: How can companies do a better job of mitigating damage from “social engineering” fraudsters who trick employees?
Morris: Implementing employee awareness training programs, as well as periodically testing employees, can help mitigate damage from social engineering threats. Enabling reporting protocols also can help by asking employees to report any fraudulent activities (such as spear phishing via email), and then ensuring managers minimize any negative impact that could occur when employees self-report (in a timely manner) being scammed. Additionally, building authentication methods for access to critical business systems and enforcing strong password policies for employees can thwart these threats of deception.
AD: Are we doing a better job identifying, stopping, and/or prosecuting cyber terrorists?
Morris: Unfortunately, adversaries are continuously refining their craft. But the good news is that security teams and products are doing a better job identifying those cyber threats.