INDUSTRY WATCH
IN TODAY’S HYPER-
COMPETITIVE
ENVIRONMENT, NO
MANUFACTURER CAN
AFFORD A DISRUPTION.
Vinod Kumar, CEO, Subex
controls to thwart such attacks to discourage
the actors behind them. Otherwise, erosion
of credibility and loss of revenue will be swift.
In today’s hyper-competitive environment,
no manufacturer can afford a disruption.
The biggest change the pandemic has
influenced is the extension of the perimeter.
Today a company’s assets extend beyond
its networks and physical security. The only
security option that exists today is for each
asset to present a perimeter to protect
itself because the assumption to be made
is that these assets exist in an insecure
environment such as insecure home
networks, public Wi-Fi, etc and thus these
assets could become conduits of entry into
the company’s secure network.
What steps can CIOs and CISOs
within this sector take to improve
their security posture?
modifications and operations required
to mitigate it
• Evaluate supply chains linking with key
processes and equipment to avoid supply
chain poisoning
• Fortify your threat posture: regularly
conduct on-going rain checks on key
measurement criteria and targets. Align
them with the prevailing threat landscape
and threat actor and malware behaviour
• Have regular conversations with all
stakeholders and encourage
employees and others to identify
areas for improvement from a
cybersecurity perspective
• Understand that the perimeter cannot
be the only defensive strategy, deploy
solutions that bring extreme visibility
concerning network use by monitoring all
traffic for anomalous behaviour
• Segregate the network to protect your
crown jewels, this is very basic but
we have seen that this is being rarely
implemented especially with OT, IoT and
IT convergence
What best practice advice would
you offer CISOs within this sector
looking to create a robust long-term
security strategy?
Cybersecurity should be viewed as an
investment in improving value. Employees
and all stakeholders need to work together
to secure businesses from within and
outside. Periodic audits conducted
with the same level of diligence as
financial audits need to be conducted
while best practices are adopted at a
regular frequency. A siloed approach
to cybersecurity defeats the core
purpose of securing an enterprise so
all stakeholders need to come together
to fight the forces of disruption while
adopting a zero-trust stand.
Can a good cybersecurity posture
also provide business benefits?
Yes, it helps build credibility, reduces
the risks of revenue attrition due to
cyberattacks and ransom payments.
Beyond all this, cybersecurity instils
discipline and improves situational
awareness among all stakeholders.
Typically, according to our calculations,
RoI from improving cybersecurity can be
gained within the first year itself, if not
earlier. Considering the average cost of a
breach, it could even happen earlier.
Can you tell us about the
work Subex is doing to
protect businesses?
We are providing critical infrastructure
grade cybersecurity to businesses around
the world. This includes telcos, oil and
gas entities, Smart Cities, manufacturing
plants and new-age manufacturers. We
run the world’s largest threat intelligence
gathering facility that supports our
cybersecurity solution and the services
we offer. We can provide asset visibility,
identify, mitigate and analyse the unique
threats that emerge as also conventional
threats and those that emerge from
converged environments. •
To secure assets, data and systems
connected with manufacturing, a multipronged
strategy must be adopted
that includes:
• Building an enterprise risk model: look
at security from an inside-outside
perspective starting with visibility of all
the assets deployed, assets that could be
targeted and associated vulnerabilities,
employees who could be targeted and
then link it with strategic decisions
about infrastructure, technology, process
74 INTELLIGENTCIO
www.intelligentcio.com