INDUSTRY WATCH
there is no second chance. You need
to always look out for emerging risks
and maintain a holistic approach that
includes assessing and enhancing
existing systems, protecting data
and assets, responding quickly when
anomalies occur and collaborating with
partners across our shared ecosystem.
How is the cyber risk
landscape changing?
Today’s risk landscape is changing very
fast and becoming increasingly diverse,
requiring a steadfast commitment
from companies and cybersecurity
professionals. Unprecedented
conversations between connected
machines, systems and people are
helping us shatter the barriers of
productivity. However, there’s an
inherent byproduct from this flow of
new data: the threat of cyber attacks.
We see threats coming from cyber
crime aimed at financial motives like
ransomware, cyber war supported
by trained hackers/nation states and
hacktivism bent on disruption. The
targets of these attacks are also diverse,
from going after sensitive business and
financial information to life-threatening
scenarios like the compromise of
healthcare equipment. It’s a complex
environment and our solutions and
response require tailored expertise.
GE we have close to 1,200 cybersecurity
and technology risk professionals
working as one dedicated global team.
What are the challenges in
your role as CISO?
Cyber threats and threat actors are
evolving. Each day we come across new
threats and we need to stay ahead of
these adversaries. In cyber security,
www.intelligentcio.com
What is the normal security
strategy for OT threats?
In an OT environment, we are most
concerned about 1) Availability,
2) Integrity and 3) Confidentiality
compared to 1) Confidentiality, 2)
Integrity and 3) Availability in a
traditional IT world. As a leader in
the Industrial Internet of Things, GE
understands this nuance. Our physical
assets comprise much of the world’s
critical infrastructure and our digital
infrastructure connects those assets, not
to mention more than 300,000 global
GE employees. With the acquisition
of Wurldtech, GE is able to provide
advanced security platforms for OT
environments that help protect control
systems, critical infrastructure assets
and people. We apply some of the best
practices internally, such as regular risk
assessments on our products, industry
THERE SHOULD BE
ALWAYS A BALANCE
BETWEEN SECURITY
AND OPERATIONAL
NEEDS. WITH MORE AND
MORE USAGE OF MOBILE
DEVICES FOR DAY TO
DAY OPERATIONS,
THERE SHOULD BE MORE
FOCUS ON APPROPRIATE
USE OF MOBILE DEVICES
AND APPLICATIONS
(APPS)
certifications, regular patching process
and more importantly an OT firewall
which monitors OT traffic/protocols and
blocks anything which is malicious.
Moving forward, what
other areas of cyber will be
important to consider?
As we are living in an age of cloudbased infrastructure and more
and more machines are getting
interconnected, there should be focus
on information protection - how is it
transferred, where is it processed, who/
how is processing information? Also,
we are living in an era where everyone
has a digital profile. It is very easy
to know some one’s personal details
like educational background, hobbies
and areas of interest from social
media and social networks, which can
be easily misused. There should be
continued focus on security awareness
to educate employees about these
risks. Another area to focus is mobility.
There should be always a balance
between security and operational
needs. With more and more usage
of mobile devices for day to day
operations, there should be more focus
INTELLIGENTCIO
77