The threats that digital-forward organizations are facing might have evolved from a technical perspective, but protection and risk mitigation activities do not need to shift priorities, says Blake Benson, senior director and cybersecurity practice lead for ABS Consulting Inc., an affiliate of the American Bureau of Shipping (ABS). According to Benson, CISOs at organizations who are responsible for critical assets should still focus on “right of boom” recovery and response, blocking and tackling on the programmatic basics before making capital investments in detection technologies.
As organizations build resilience by mitigating operational supply chain risks, adopting a holistic risk management approach and fostering a culture of cyber resilience, communication is a crucial key in managing evolving cyber risk. Strengthening public and private collaborations is important as organizations strive to align on cybersecurity regulations, standards and technical solutions to drive consistent and effective practices. Organizations must work to ensure that cyber risk management is a board-level priority, Benson underscores, with executives taking an active role in advancing resilience initiatives.
Cyber Defense Magazine sat down to review Benson’s top considerations for building cyber resilience.
How do evolving regulatory frameworks influence how companies approach cyber resilience and business continuity?
Regulatory frameworks set a baseline and targets for where we need to go on the cybersecurity journey. Objective, third-party safety organizations add to that by bringing forward standards, guidance and compliance support with a critical mission: help protect life, property and the environment.
These safety and risk frameworks help us champion the security and sustainability of vital infrastructures worldwide, but evolving regulations can be difficult to navigate depending on where you are on the journey. Generally, our clients need help in prioritizing which cybersecurity activities required by regulation are going to contribute to their existing safety and security goals and what level of effort will be required to implement those activities.
What’s your perspective on the role of government and private sector collaboration in improving cyber resilience?
Cross-collaboration is essential to build a resilient ecosystem for cybersecurity. Conversations need to happen between the sectors so that government and industry are in lock step with staying vigilant, improving systems and processes and applying best practices. Technology innovations and knowledge expertise from the private sector can support government agencies in improving their frontline defense. In many cases, industry should be leading the charge on collaboration because they have a higher concentration of expertise specific to each regulated industry.
How do technologies like AI and automation impact cyber resilience strategies?
We are in a rapidly evolving digital era where AI has the potential to transform everything in cybersecurity and management consulting, from regulation to operating procedures. This poses both challenges and opportunities to respond and reshape a new safety protection frontier.
AI’s ability to generate real-time insights, risk assessments and behavior monitoring will improve hazard detection through visualization. For threat actors, the introduction of AI means that they can generate malware quicker and rapidly develop an understanding of previously isolated, cottage operations. The speed at which the industry needs to adopt automation implementations needs to at least match and preferably exceed the speed at which threat actors are iterating novel approaches. Technologies that provide predictive, actionable insights enable us to see beyond current limitations so we can find new ways and a new operating model that will fundamentally alter the nature of safety. What this means from a safety and risk perspective is that safety going forward will not be defined as just the absence of accidents. It will be a new way of thinking about performance as a predictive metric for reliability, leveraging datasets that were previously disparate and unrelated.
What trends do you predict will shape the future of cyber risk management and business continuity planning?
Industry stakeholders responsible for operating facilities and processes in critical infrastructure environments—such as energy and transportation—are increasingly grappling with the challenges of technology debt. Technology debt refers to the accumulation of systems, software and hardware that hinder operational efficiency, security and scalability. This issue is particularly acute in critical infrastructure environments that have experienced significant corporate restructuring through acquisition activities.
Companies should be encouraged to evaluate the overlap of existing technologies (asset discovery/management platforms, network IDSs, network performance monitoring, etc.) and determine which functions are being performed by which tools. Tool rationalization studies to help better understand these overlapping functions are a great way to reduce technology debt.
These tools are often cited as the “mechanism” or centralized data collection point for determining compliance with security frameworks by providing evidence and artifacts. In some cases, tools are used as the primary system backup/recovery method—a foundational element of business continuity planning.
If you could give one critical piece of advice to CISOs about ensuring safe operations, what would it be?
Whether we are looking at this challenge through an operational or organisational safety lens, cyber risk is a critical business risk. An incident will impact everyone.
Communicating cybersecurity, and more specifically the different approaches to managing cyber risk, to a board is not an easy task for CISOs.
But we can speak to its ROI. Companies can enhance corporate value through improved performance by understanding their unique operational risks and managing these proactively. They can do this a number of ways by applying the right combination of actionable insights from digital tools, field techniques and expertise from engineering and data science. No singular solution exists because each company’s risk profile is unique.
There’s more work and training to be done to fully integrate cybersecurity into organisational practices that reinforce operational readiness.
About the Expert
Blake Benson, Senior Director, Cybersecurity Practice Lead. Blake Benson leads the industrial cybersecurity practice at ABS Consulting, where he works closely with industry stakeholders, government leaders and senior executives across critical infrastructure sectors. His responsibilities include providing a strategic understanding of operational technology (OT) cybersecurity risks to the nation’s essential assets and operations. Blake has expertise in solving complex risk-based problems and specializes in developing tailored, environment-specific approaches to help both government and commercial clients develop and implement the security solutions and controls necessary to manage cyber risk.
Blake joined ABS Consulting in 2019 and is a Knoxville, Tennessee native and United States Air Force (USAF) veteran. While in the USAF, Blake was a founding member of one of the first operational cyber units.
