Engineer News Network The ultimate online news and information resource for today’s engineer
Nick Boughton outlines the findings of World Economic Forum’s 2019 Global Risk Report and how manufacturers can enhance their cybersecurity strategy
“Is the world sleep walking into a crisis?” That is the question Børge Brende, president of the World Economic Forum (WEF), poses in this year’s report.
In January 2019, amongst the snow-caped mountains of Davos, Switzerland, WEF assembled once again for its annual meeting to discuss the biggest risks our world currently faces.
Top of the agenda was cybersecurity, and how businesses can continue to grow their ever-expanding digital footprint, while mitigating the risks of attack.
Published against a backdrop of growing global tensions, the report uses data from private insurers, government publications and academic studies to rank the risks that jeopardise today’s society. Ranking fourth and fifth, cyber-attacks and data breaches are amongst the most serious.
It is the second year in a row that these threats have been present in the top five concerns and are considered amongst the most critical man-made risks, short of failure to improve climate change.
With cybersecurity at the forefront of many minds, what can be done to ease concern?
Unexpected consequences
The explosive growth of connected devices brings with it the chance of unexpected consequences. Take the disruption caused by the Heathrow drone sightings for example.
Although evidence of any insidious agenda is yet to come to light, it was the unknown potential damage of the drone that brought the UK’s busiest airport to a grinding halt.
While technology significantly contributes to global growth, are we prepared to act if things take a darker turn?
Despite being the creators of innovation, we are living in a realm of uncharted territory.
With digital systems designed to monitor our power supplies, traffic flows and personal data, there is a looming feeling that technology is not adequately accompanied by measures to mitigate the risk of attack.
Infiltrating infrastructure
Another key concern raised by WEF is the risk cyber-attacks pose to critical infrastructure.
With Internet of Things (IoT) devices firmly embedded into industrial environments, the report warns that the “potential vulnerability of critical technological infrastructure has increasingly become a national security concern”. The increase in connectivity could provide an easily-accessible back door for hackers to gain access into some of society’s most vital resources.
In July 2018, the US government stated that hackers had gained remote access to the control rooms of utility companies, even though command centre computers were not directly linked to the web.
The group behind the attacks, known as Dragonfly or Energetic Bear, used spear-fishing emails make staff visit spoofed or hacked social media sites, giving allowing them to steal credentials of corporate networks of suppliers and gain access to utilities.
The cybersecurity skills gap
Attacks are happening on a new, emerging battlefield. As attackers ramp up their methods and develop increasingly more sophisticated hacks, there simply isn’t a sufficient number of ‘white hats’ to address growing cyber threats. In fact, Cybersecurity Ventures Cybersecurity Job Report estimates that there will be 3.5 million unfilled cybersecurity positions by 2021.
A reason for the gap is that the digital marketplace is creating more jobs than the current supply of security professionals can meet. There is also no efficient way of creating and training enough skilled practitioners at the same rate as technological expansion.
Getting prepared
The report declares that world governments tend to be underprepared for mitigating cyberattacks. To combat cyber concerns, businesses need to work to mitigate risks on a collaborative basis, with a team of experts who have a knowledge of their facility’s technology and the potential of any risks it may pose.
An effective cybersecurity strategy is at its most successful when it is integrated with risk management procedures.
At Boulting Technology, our engineers are experienced in integrating existing systems and replacing legacy controllers with modern, connected alternatives.
To minimise the danger posed by connected technologies, and to tackle the cybersecurity skills gap, it is essential that staff undergo rigorous training.
To avoid sleep walking into a crisis, we need to be aware of the risks they pose. While technology boosts productivity in businesses across the globe, new equipment and its risks must be evaluated to reduce cyberthreats and ease concern.
Nick Boughton is digital lead at leading systems integrator Boulting Technology.
