How to Protect Critical Infrastructure Today, While Securing Tomorrow
The energy and utilities sectors must quickly find answers and respond to a vital question – how can we address the emerging cybersecurity challenges that threaten national (and international) operations and services?
Organisations are under increasing pressure, as they are expected to deliver uninterrupted services and respond to regulatory demands. How can they balance demands to modernise legacy operations, increase sustainability, reduce costs to consumers, and defend against a growing list of cyberthreats?
It is no surprise, given the nature of these IT and OT environments, that 52% of executives say complexity is the biggest impediment to their cybersecurity operations. But knowing the problem, or part of it, is not the same as knowing how to fix it.
For more insights, watch our vodcast series.
In this blog, experts from IBM and Palo Alto Networks come together to explore five of the sector’s most pressing security challenges, and how to address them. Let’s look at each of these in turn.
How Can You Stay Compliant Without Slowing Down Business?
Michael Woodbridge, Associate Partner, IBM Consulting:
Nobody has a crystal ball, or unlimited budget to spend on security or controls; therefore, implementing a risk-based approach is crucial.
Rather than see compliance, governance and security in separation, recognise how these can work in concert. Bring a risk-based approach, a proactive approach, together in your strategy.
The National Cyber Security Centre (NCSC) maintains a robust framework, the Cyber Assessment Framework (CAF), which requires continuous visibility, accountability and control. These can serve as the basis for a strategic blueprint to compliance and security, ensuring focus on the right places.
The key takeaway from our recent joint webinar, however, was that people are often the critical missing element. Training and education are vital but so is ensuring everyone knows their roles and responsibilities, from the CEO down.
How Should You Defend Critical Infrastructure?
When it comes to cybersecurity, no one has their head in the sand.
But even the most prepared, cautious and technically advanced can find themselves compromised.
Michael Woodbridge, Associate Partner, IBM Consulting:
Accept that one day an event may happen; therefore, resilience and preparedness are key to minimising the impact of cyber incidents, being able to operate whilst under attack and the ability to very quickly recover from an attack in both IT and OT.
The energy and utilities sector is a prime target for bad actors, from nation-state groups to ransomware gangs. With industrial control systems (ICS), smart grids and remote infrastructure in play, the attack surface is wider than ever.
So, you need to be as resilient as possible.
That means end-to-end visibility, inventories, assessments – know what you have and what needs attention.
Look into zero trust and network segmentation. By limiting lateral movement within the environment, organisations can isolate breaches and prevent widespread damage.
You also need to be prepared.
Train your people, run tests and trials, and ensure the training has been adopted, not just attended. Regular training, supported by simulated attacks and behavioural analytics, can drive cultural change across your whole enterprise.
Yet, even with the best defences, breaches happen.
We support clients with robust incident response (IR) planning, playbook development and threat-hunting capabilities to detect faster, contain quicker and recover more effectively.
Are You Ready to Mitigate Third-Party Risks?
Scott McKinnon, Field Chief Security Officer UK&I, Palo Alto Networks:
Third-party vendors and contractors often have access to critical systems and sensitive data within an organisation’s supply chain. This access can create several cybersecurity risks.
In the energy and utilities sector, the very nature of the infrastructure’s scale and complexity means third-party vendors, contractors and service providers have deep access into operational networks and IT systems. This also makes it harder to see risks and manage vulnerabilities that potentially impact the infrastructure but are not controlled by its owner.
End-to-end supply chain visibility is critical, and contractual protections must be backed by technical controls. We support clients in building zero trust relationships with suppliers to enable role-based access, clear segmentation and mandatory monitoring of third-party activities. This goes a long way to managing and mitigating risks.
But strategies for managing technology and ensuring third parties adopt these in a similarly robust fashion must also be included as vital elements in any solution.
How Can You Bridge IT and OT Security?
The traditional divide between IT and OT is dissolving. Cloud services, smart devices and digital transformation converge these domains, creating new risks, as well as new opportunities for resilience.
Hamsa Seshan, Communications Sector Leader, IBM Consulting:
Breaking down the silos between IT and OT teams is a critical step.
However, historically, OT networks were isolated by design.
Today, organisations need a unified cybersecurity strategy. Building an accurate inventory of OT devices, accounting also for the unconnected or unmanaged ones, forms visibility that won’t disrupt processes, keeping operations secure without impacting performance or safety.
IBM Consulting and Palo Alto Networks help clients integrate their Security Operations Centres (SOCs), align detection rules and harmonise IR across IT and OT landscapes to remove silos and reduce risk.
How Can We Get a Return on Our Cybersecurity Investment?
Cybersecurity spend continues to grow. But how can you be sure you are getting the best value?
Security teams are under pressure, covering more issues, responding to more incidents and protecting against more threats. Yet more tools add more complexity, demanding more resources than constrained budgets and scarce skills can supply.
However, platformisation, the adoption of a single, integrated, cloud-delivered cybersecurity platform, reduces complexity and eliminates silos, accelerating detection and response.
Combined with IBM’s consulting expertise, the platform approach by Palo Alto Networks helps clients rationalise their security stack and drive more value from investments.
ROI isn’t just about cost savings; it’s about enabling innovation. When security becomes a business enabler, organisations can embrace new digital opportunities, knowing resilience is built in.
Wrapping Up
From compliance to continuity and visibility to value, Palo Alto Networks and IBM Consulting are committed to helping the energy and utilities sector unlock the cybersecurity dividend and build a secure tomorrow.
Discover how the strategic partnership between IBM Consulting and Palo Alto Networks can give your organisation a competitive edge with these resources:
Capturing the cybersecurity dividend: How security platforms generate business value.