FEATURE: MANUFACTURING SECURITY
incident (for example, is it state-
sponsored or hacktivism) should
also help determine the prescribed
approach to take.
Lastly, organisations should harden the
security configurations of systems and
servers, including revoking privileged
access to endpoints. Malware, for
instance, requires administrative level
privileges to execute on machines.
If an organisation took these
administrative privileges away, nearly
90% of infections on machines would
stop – all via one fairly simple fix.
46
INTELLIGENTCIO
Don’t forget that security controls
do hinder on culture. How hard is
it to implement certain protocols
in your organisation? IT can
make a recommendation for
application whitelisting, which is
when organisations prevent the
usage of unapproved applications
that can be launched on end-user
/ server computers, but it can be
extremely difficult to implement
since applications within a
manufacturing environment can be
so diverse and users may be averse
to these restrictions. Evaluate your
internal culture to determine which
procedures are best to secure the
business.
Conclusion: Metrics matter
With all of the aforementioned
prevention methods in place,
manufacturers must also understand
just how their organisation is
performing when it comes to cyber
security. Are the number of threats
detected decreasing? Is employee
security awareness increasing
through the reduction of the number
of links or attachments clicked?
www.intelligentcio.com