Cybersecurity Risk Management: Prepare for the Unthinkable

PB 25 Rockwell newlogo 400

August 10, 2021

By Nir Sasson, Network Security Consultant, Avnet, a Rockwell Automation company

In cyber risk management, there are two important corner stones:

  1.    1. To conceive the scenarios.
  2.    2. To find a way to minimize the damage in each scenario.

When no one thinks to plan for what to do in the worst-case scenario, trouble strikes. What if you only think of avoiding the “unthinkable” and not what to do if it does happen?  

I like to consider what happened to the Titanic. 

Risk management is more than avoiding the worst 

At the time of the Titanic, one would assume that avoiding a collision with an iceberg was the standard procedure. Therefore, the crew created scenarios and defensive measures were planned and implemented.

The ship’s captain followed the procedure: placed two skilled lookouts at the horizon to provide the expected 20 minutes warning. But, because of low visibility, they were only able to give a minute of warning. With so little time, the collision was unavoidable.

No one had prepared for this scenario. There was no “collision with an iceberg procedure,” only “avoid collision with iceberg procedure”. And so, the story goes; we all know what happened to the Titanic.

The power of risk mitigation

In cybersecurity risk management, the goal is to be prepared for the unthinkable scenario and find the optimal defense measure to minimize the damage. Essentially, to know what to do when you can’t avoid the iceberg. 

Let’s look at an example. A cyberattack approaches the organizational IT/OT systems. The CISO faces a choice: repel the cyberattack or adopt a more elaborate way of managing the risk.

Step one is figuring out what we call the “starting conditions”. Can the attack be avoided? Or does it have to be mitigated?  

Prevailing over cyberattacks requires intelligence methodologies of deception (heard of honeypots?) and many more. But maybe it is better to lure the cyberattack to “penetrate” the cyber perimeter defenses and let the attacker be deceived and think his attack commences as he planned. Then defend from inside the organization. In that case, it would be best to assume that the “starting condition” is that the attack is inevitable – the attacker is getting through the firewall.

In this case, it would be best to perform the procedure planned for mitigation, not avoidance. Let the cyberattack commence and try to minimize the impact. 

It is not a trivial way of thinking. The initial instinct is to make it stop, especially if your whole business is on the line. That is why it is so important to have a risk management expert or team experienced in mapping out scenarios and next steps. This requires people who can think on the fly, ask the right questions and problem solve. 

Security assessment

Given the vastness of today’s threat landscape, no single security product, technology or methodology will suffice at blocking the unthinkable from happening. 

A security assessment should be the starting point for any security policy implementation. It will help you understand your current security posture regarding your software, networks, control system, policies, procedures and employee behaviors. It also will identify the mitigation techniques needed to bring your operation to an acceptable risk state. 

Rockwell Automation works with companies to provide the expertise and skills needed to identify cybersecurity risks.

Source

Related Articles


Changing Scene

  • Andreas Sobotta to Assume Role of Vice President North and South America for Pilz Automation

    Andreas Sobotta to Assume Role of Vice President North and South America for Pilz Automation

    Pilz Automation Safety Canada L.P. announces that their long-term CEO and GM, Andreas Sobotta, will assume the role of Vice President North and South America, effective immediately. He will still work from the Canadian office in Mississauga and visit all other subsidiaries in North and South America. Pilz will take their time to find a… Read More…

  • SEW-Eurodrive: MAXOLUTION System Solutions

    SEW-Eurodrive: MAXOLUTION System Solutions

    Whether in production or logistics operations, MAXOLUTION is synonymous with innovation in factory automation – across all industries and worldwide – helping you achieve your vision of an adaptable and resilient lean smart factory. Under the MAXOLUTION brand, SEW-EURODRIVE creates customized solutions for cutting-edge materials handling technology – from the shop floor through to IT.… Read More…


Sponsored Content
The Easy Way to the Industrial IoT

The way to the Industrial IoT does not have to be complicated. Whether access to valuable data is required or new, data-driven services are to be generated, Weidmuller enables its customers to go from data to value the easy way. Weidmuller’s comprehensive and cutting-edge IIoT portfolio applies to greenfield and brownfield applications. Weidmuller offers components and solutions from data acquisition, data pre-processing, data communication and data analysis.

Visit Weidmuller’s Industrial IoT Portfolio.


ADVANCED Motion Controls Takes Servo Drives to New Heights (and Depths) with FlexPro Extended Environment Product Line

Advanced Motion Controls is proud to announce the addition of six new CANopen servo drives with Extended Environment capabilities to their FlexPro line. These new drives join AMC’s existing EtherCAT Extended Environment FlexPro drives, making the FlexPro line the go-to solution for motion control applications in harsh environments.

Many motion control applications take place in conditions that are less than ideal, such as extreme temperatures, high and low pressures, shocks and vibrations, and contamination. Electronics, including servo drives, can malfunction or sustain permanent damage in these conditions.

Read More


Service Wire Co. Announces New Titles for Key Executives

Bruce Kesler and Mark Gatewood have been given new titles and responsibilities for Service Wire Co.

Bruce Kesler has assumed the role of Senior Director – Business Development. Bruce will be responsible for Service Wire’s largest strategic accounts and our growing Strategic Accounts Team.

Mark Gatewood has been promoted to the role of Vice President – Sales & Marketing. In this role, Gatewood will lead the efforts of Service Wire Company’s entire sales and marketing organization in all market verticals.

Read More


Tri-Mach Announces the Purchase of an Additional 45,000 sq ft. Facility

Tri-Mach Elmira Facility

Recently, Tri-Mach Inc. was thrilled to announce the addition of a new 45,000 sq ft. facility. Located at 285 Union St., Elmira, ON, this facility expands Tri-Mach’s capabilities, allowing them to better serve the growing needs of their customers.

Positioning for growth, this additional facility will allow Tri-Mach to continue taking on large-scale projects, enhance product performance testing, and provide equipment storage for their customers. The building will also be the new home to their Skilled Trades Centre of Excellence.

Read More


JMP Parent Company, CONVERGIX Acquires AGR Automation, Expanding Global Reach

Convergix Automation Solutions has completed the acquisition of AGR Automation (“AGR”), a UK-based provider of custom, high-performance automation design and systems integration primarily to the life sciences industry.

Following Convergix’s acquisitions of JMP Solutions in August 2021 and Classic Design in February 2022, AGR marks the third investment in Crestview’s strategy to build Convergix into a diversified automation solutions provider targeting the global $500+ billion market, with a particular focus on the $70 billion global systems integration and connectivity segments. Financial terms of the transaction were not disclosed.

Read More


Latest Articles

  • Making the Sustainable Transformation of the Process Industry a Success

    Making the Sustainable Transformation of the Process Industry a Success

    By Krystie Johnston and Dr. Manfred Jagiella – Sustainability facilitates opportunity when approached with a mindset to preserve resources and promote circularity. We share one Earth, and it is our global responsibility to care for it for the next generation. Endress+Hauser is one global company that understands this responsibility – and practices it as well.… Read More…

  • Why NOARK’s 12VDC Shunt Trip Coils for MCCBs Make Power Systems Reliable and Safer

    Why NOARK’s 12VDC Shunt Trip Coils for MCCBs Make Power Systems Reliable and Safer

    Circuit breakers are an essential component of any modern electrical system. Designed to protect your home or business from potential overloads or short circuits, these devices are your first line of defense against electrical fires. There are, however, situations where remote tripping of the circuit breaker may be required. It could be for operational reasons,… Read More…