infrastructure environments that have experienced significant corporate restructuring through acquisition
            activities.

            Companies  should  be  encouraged  to  evaluate  the  overlap  of  existing  technologies  (asset
            discovery/management platforms, network IDSs, network performance monitoring, etc.) and determine
            which functions are being performed by which tools. Tool rationalization studies to help better understand
            these overlapping functions are a great way to reduce technology debt.

            These  tools  are  often  cited  as  the  “mechanism”  or  centralized  data  collection  point  for  determining
            compliance with security frameworks by providing evidence and artifacts. In some cases, tools are used
            as the primary system backup/recovery method—a foundational element of business continuity planning.

            If you could give one critical piece of advice to CISOs about ensuring safe operations, what would
            it be?

            Whether we are looking at this challenge through an operational or organisational safety lens, cyber risk
            is a critical business risk. An incident will impact everyone.

            Communicating cybersecurity, and more specifically the different approaches to managing cyber risk, to
            a board is not an easy task for CISOs.

            But we can speak to its ROI. Companies can enhance corporate value through improved performance
            by understanding their unique operational risks and managing these proactively. They can do this a
            number of ways by applying the right combination of actionable insights from digital tools, field techniques
            and expertise from engineering and data science. No singular solution exists because each company’s
            risk profile is unique.

            There's more work and training to be done to fully integrate cybersecurity into organisational practices
            that reinforce operational readiness.



            About the Expert

            Blake  Benson,  Senior  Director,  Cybersecurity  Practice  Lead.  Blake  Benson
            leads the industrial cybersecurity practice at ABS Consulting, where he works
            closely with industry stakeholders, government leaders and senior executives
            across  critical  infrastructure  sectors.  His  responsibilities  include  providing  a
            strategic understanding of operational technology (OT) cybersecurity risks to the
            nation’s essential assets and operations. Blake has expertise in solving complex
            risk-based  problems  and  specializes  in  developing  tailored,  environment-
            specific approaches to help both government and commercial clients develop
            and implement the security solutions and controls necessary to manage cyber
            risk.

            Blake joined ABS Consulting in 2019 and is a Knoxville, Tennessee native and United States Air Force
            (USAF) veteran. While in the USAF, Blake was a founding member of one of the first operational cyber
            units.





                                                                                                            115