Cybersecurity: How security stack helps in building an integrated cybersecurity architecture

This article first appeared in Digital Edge, The Edge Malaysia Weekly, on March 13, 2023 - March 19, 2023.

With digital transformation occurring at an unprecedented pace, organisations are thinking more deeply about how they can add to their technology stack. While modern businesses are spending more on adding new technologies to drive efficiency and performance, they are hampered by poor cybersecurity infrastructure. Malaysia, in particular, is ranked 31st in terms of digital readiness strategy, according to the IMD World Digital Competitiveness Ranking 2022 report.

At the same time, operational technology (OT) organisations have become frequent targets of cyberattacks. According to the 2022 edition of Fortinet’s State of Operational Technology and Cybersecurity report, 100% of Malaysian OT organisations participating in the study had experienced an intrusion in the past 12 months. This shows that there is a widespread security gap present in OT industries as well as a critical need to reinforce the cybersecurity infrastructure. Other key findings of the report include:

OT activities lack centralised visibility, increasing security risks. The Fortinet report found that only 12% of Malaysian respondents had achieved centralised visibility of all OT activities. This indicates that most companies have a weak security posture, which can translate into an increased risk of cybersecurity incidents.

OT security intrusions significantly impact productivity and bottom lines. In Malaysia, the top three types of intrusions that organisations experienced were phishing emails, malware and insider breaches. As a result of these intrusions, 59% of organisations suffered an operation outage that affected productivity, with 92% of intrusions taking up to a few hours to return to service. The rest took longer, eating up days’, weeks’ or months’ worth of productivity.

Ownership of OT security is inconsistent. OT security management primarily falls under directing or managerial roles, including director of plant operations and manager of manufacturing operations. Only 24% of Malaysian respondents say that the chief information security officer (CISO) is responsible for OT security at their organisation.

OT complexity has opened new security gaps to exploit. In Malaysia, 82% of OT organisations have 1,000 to 10,000 IP-enabled OT devices in operations. This creates a difficult security environment as IT and OT teams are struggling to identify effective OT security tools at their disposal to reinforce their cyber infrastructure, creating further gaps in OT security.

Consolidating cybersecurity via integration

When it comes to creating a robust cybersecurity platform, a unified architecture that can bring scattered infrastructure and deployments under IT control is not enough. Organisations also want a secure and straightforward deployment of new technologies and services into their infrastructure. A broad, integrated and automated cybersecurity mesh platform can be a universal workaround that supports interoperability across an array of solutions while automatically adapting to changes on the network.

The functions of cybersecurity mesh platforms can be easily explained with toy building blocks. These toy blocks have become popular worldwide because of how easy they are to assemble, thanks to the use of standardised anti-studs on their undersides. The blocks are designed in such a way that they are always compatible with blocks that were purchased separately or that have different shapes.

This parallels the construction of enterprise cybersecurity mesh platforms, which comprise different modules (blocks), standardised interfaces (anti-studs) and a unique framework design (finished product). Firstly, modules provide the security architecture with its intended capabilities. Secondly, a standardised interface can lead to easy integration and, lastly, a unique framework design helps IT experts figure out exactly where they can integrate the new modules. These three elements work hand in hand to support the building of a robust, integrated security architecture.

Improved integration also enables more of the incident response process to be automated, reducing the potential for configuration errors that may occur when working with different systems. In addition, this will allow organisations to realise a reinforced cybersecurity mesh architecture. Organisations that integrate a reinforced security framework into their operations will be able to enjoy reduced security enforcement complexity, streamlined operations and increased threat detection and response capabilities that can lead to secure digital transformation outcomes.

By using the building block concept, organisations need to consider their security needs before identifying the best solutions to integrate into their infrastructure. The goal of a mesh architecture is to provide security where it is needed through consistent policy enforcement, threat intelligence, automated remediation and deep visibility across all deployments. In the face of an ever-evolving threat landscape, organisations can no longer take a wait-and-see approach lest they fall victim to attacks that cause crippling financial and reputational losses. By ensuring a secured and fully managed network environment, businesses will be able to build positive experiences and maintain the trust of both their customers and employees, which translates to better business outcomes.

Daniel Kwong is the field chief information security officer for Southeast Asia and the Hong Kong region at cybersecurity solutions provider Fortinet.