Leden in de kijker
Vito Rallo & Nick Maeckelberghe
Today, having a cyber incident response plan might be more important than having a good plan to prevent cyber-attacks. Analysts insist: “It is not a question if, but when you will get breached.” Kroll's European cyber security team, operating from Brussels, offers industrial clients and utilities risk and cyber security advisory solutions for traditional Information Technology (IT) and the Operational Technology in place to support the production and industrial processes (OT). Together with the Cyber Security Coalition, Kroll aims at making the industrial sector more resilient to cyber-attacks.
Kroll provides insight into the importance of OT cyber security (alongside IT)
Kroll is a global independent provider of risk and financial advisory solutions headquartered in New York, with offices around the world. Two years ago, the company spun off the Belgium hub to better support clients in Europe. Today, the Belgium hub counts 8 people with strong specialized profiles to cover Offensive Security, Incident Response, and GRC work with a global backbone of over 600 people. Nick Maeckelberghe drives business development within European countries to further expand the footprint and Kroll’s brand in Europe. Vito Rallo, brings over 2 decades of cyber security experience, of which 10 were spent working in the field of OT.
Cyber Risk is one of Kroll’s seven divisions providing five major service lines: Offensive Security, Digital Forensics and Incident Response, MDR (managed detection and response), CISO & Advisory, and Breach notification. “We assist our clients with the most challenging cyber security matters ranging from comprehensive penetration testing to troubleshooting, improving SecOps via Detection Engineering and Security as Code and we help clients comply with the latest regulations,” Nick explains.
The Kroll brand may sound new in the Belgian cyber community, but Kroll has a strong reputation in the US and UK, thanks to the panel and alliances with all the major cyber insurance providers and legal councils. “Our team is part of a global entity, so we are not geographically limited. We are in the luxury position to serve customers all over the world,” Vito adds.
IT vs OT
When talking about digital evolutions, Vito keeps insisting on the big differences between IT and OT. IT is well-known: it refers to any devices that are somehow connected to the internet and/or accessible from outside and serves the typical business or office digital needs. Operational Technology (OT), has the goal to support industrial and operational processes, like production, automation, transmission, transportation etc. For years, and still today in many cases, OT systems are not connected to the internet and not accessible from outside. This design principle is disappearing under the booming trend of connecting everything, also known as Industry 4.0.
OT’s main concern is to prevent downtime as much as possible caring about physical safety before cybersecurity, and ensuring proper on-time, if not real-time, operations. “The maturity levels of the two are like night and day. They evolve at a completely different pace and the lifespan of OT systems is much longer than IT devices due to the bigger investment. OT is there to stay for years”, Vito commented. Due to the increase in ransomware attacks, the need to improve resilience against cyber-attacks broke through the gates of the shop (production) floor. “Our clients are starting to realize the dramatic impact of cyber-attacks on production systems or operations. More and more clients are asking us to help them achieve resilience, simulate realistic attacks, improve visibility and defences,” Vito says.
Keeping it fresh
Kroll made a deliberate decision to join the Cyber Security Coalition. “The Coalition has done a lot for us and for the industrial sector in these past years. To give something back, we are participating in the Industrial Focus Group, and Jean-Georges Valle will be joining an expert panel discussion in October. We always try to address relevant, hot topics, and discuss with the focus group what is important for the industry, which will benefit our clients and the members of the Coalition,” Nick adds.
Vito, as keynote speaker, tries to ensure companies don’t always hear the same speech. “I ask myself: What can Kroll do to make the focus group fresher and more attractive? We have been talking about the protection of industrial systems, segregation of networks, monitoring of those networks … for years. We want to create new, valuable input for the Coalition.” He, therefore, focuses on pre-incident business preparation plans, the priorities of different business lines, setting up a proper incident response plan for the OT environment, etc. “It all starts by making CISOs realize that the approach and priorities of an OT incident are completely different from an IT incident. When something goes wrong, Incident Response in OT is a totally different game” Vito concludes.
The Coalition’s strength is to unite various members, so they can benefit from each other’s experience. It aims to become the biggest independent entity in Belgium to which companies with IT and OT challenges or questions can come for help. Additionally, the Coalition keeps members informed on relevant and current topics by organizing inspiring events and discussing challenges, evolutions and new regulations in the focus groups. Together, we continue to spread the message and reach out to as many companies as possible. We cannot stress enough that is time to act.
Deel deze nuttige inhoud met vrienden: