Skip to content
Home » Navigating the rising threat of cyber attacks on industrial systems Part 3

Navigating the rising threat of cyber attacks on industrial systems Part 3

Edited by Eamonn Ryan

The following presentation was delivered at the 2023 GCCA Cold Chain Conference in Cape Town, by cybersecurity expert and 30-year veteran Charl van Niekerk, CEO of 2TS, on the topic ‘Industrial Systems, the New Frontier for Cyber Attacks’. This is Part 3 of a three-part series.

Lizelle van der Berg, past director of GCCA Africa, introducing the speaker.
Lizelle van der Berg, past director of GCCA Africa, introducing the speaker. ©Cold Link Africa

…continued from Part 2.

A proactive approach

Practical strategies to mitigate cybersecurity risks need to target low-hanging fruit. Given the simplicity with which attackers exploit known vulnerabilities, organisations need to treat this issue with the seriousness it deserves. Identifying and patching these vulnerabilities should be a priority to strengthen defenses.

One strategy should be to adopt a converged security environment with a single entity overseeing both IT and OT security. This convergence allows for a comprehensive understanding of the organisation’s cybersecurity landscape and facilitates a more cohesive and effective response to threats.

Given the inevitability of cyber incidents, it’s not a matter of ‘if’ but ‘when’ cyber resilience must be of paramount importance to all businesses by equipping themselves to identify and resolve cyber threats swiftly. The focus should be on reducing the time between detecting an incident and resolving it.

Our analytics work with clients has on average revealed 40% more devices in a system than the company was aware of. This is because of the nature of OT – to install devices and sensors and thereafter forget them. Therefore, this involves continuous monitoring and adaptation – given the dynamic nature of cybersecurity, various devices and applications evolve over time. To keep pace with these changes, organisations must implement continuous monitoring practices that align with the evolving nature of cyber threats.

I encourage organisations to leverage their cybersecurity history and analytics. It is important to understand the devices within an environment and ensure that the organisation’s awareness matches the reality of its cyber landscape. Analytics play a crucial role in identifying anomalies and potential threats, aiding in proactive cybersecurity measures.

It is also necessary to have specialists within the business dedicated to cybersecurity. As the nature of cyber threats becomes more sophisticated, having experts in-house ensures rapid and effective responses to incidents. This is part of the holistic management of cybersecurity, as it intersects with various aspects of business operations.

Comparing cybersecurity to fire prevention in a cold storage facility, it is important to invest in prevention measures. Rather than solely reacting to incidents, organisations should proactively put measures in place to prevent and mitigate cyber threats – reinforcing the idea that prevention is more effective than dealing with the aftermath.

From the simplicity of exploiting vulnerabilities to the complexities of convergence and resilience, there is a roadmap for organisations seeking to fortify their defenses. As industries embark on this shared journey towards cybersecurity resilience, collaborations with specialised entities may prove instrumental in navigating the intricate challenges posed by cyber threats in the industrial realm.