We are all connected to the internet; every day, billions of people are online and using digital services. But the digital ecosystem is only effective due to the trust we have in it. And as we grow our online presence, our activities on the internet, and our digital personas, others can capture our data and use it against us. For this reason, securing the digital ecosystem and making it safer to use becomes even more important for us all.
Cybersecurity is currently facing a paradox. The number of attacks and attempted attacks is rapidly growing. And organisations are struggling to adapt and adopt the right approaches in both their technologies and the cybersecurity education of their employees.
Rapid growth in the number of connected devices and the promise of both the Internet-of-Things (IoT) and the Industrial Internet-of-Things makes effective cybersecurity mandatory, not optional.
If we want to benefit from connectivity, we need cybersecurity as an enablement for us to really take advantage of all the promises of the IoT and digital. It’s no longer a question of competitive advantage or minimising the damage, it’s a fundamental requirement of doing business and minimising risk.
A best practice example of an organisation taking cybersecurity seriously is Microsoft, which spends over US$1 billion each year to cybersecurity for its cloud data centres and fends off more than 7 trillion cyberthreats per day. While every data centre may not see “trillions” of cyberthreats per day, companies must have a comprehensive plan in place for the protection of its digital data from theft or corruption.
Effective data centre cybersecurity practices include: encrypted devices, firewalls, IDS/IPS, SIEMs, SOCs, stringent physical security, with documented procedures and clearly-defined business protocols. If you consider cybersecurity a priority, you will have secured the main entry point, put your IT systems into “clusters” and redundantly protect those, and hard connected IT devices through physical communications cables. Cybersecure conscious companies also integrate executive oversight to their c-suite team and add a new role of chief security officer.
Protecting your digital vulnerabilities from cybersecurity attacks
It’s crucial to think about your entire digital ecosystem with a wide view that sees beyond the boundaries of your IT room. In the data centre, most of the focus has been on defending the core where all the servers and storage are located. It’s time to look at cyber protection from all perspectives and all domains of the data centre.
Data centres are often conceived, designed, constructed and managed in 3 domains – the IT room, power and the building (cooling). Knowing where your systems are vulnerable is the key to protecting them. As we have seen from prior examples, once cybercriminals get inside your firewalls, they can navigate their way to customer data or even shut down your business functions or power. These peripheral areas and components are not your core competency – the IT room is.
Act now before it’s too late
We must all be proactive and take offensive actions to mitigate any risk before it becomes a plausible threat. And this is where Schneider Electric supports our customers in their cybersecurity programmes.
The first way to protect clients is ensuring all the technology they are using is cybersecure by design – we have a team that works across our technology portfolio to assess both our hardware and software for any vulnerabilities. We do rigorous testing and the team has the authority to say no to a product going to market if they believe there are vulnerabilities to be fixed that will put clients at risk.
Secondly, when our teams go to customer sites, we make sure both our service and engineering teams know the standard cybersecurity practices: is the system is patched at the right level; what are the customer’s cybersecurity processes, and how can we make sure we are delivering the system with minimum cybersecurity best practices in mind.
The last piece of the puzzle is to guarantee our technologies reduce the cybersecurity risk throughout the whole operation.
Given the risk from cyber threats today, this is a minimum any supplier can undertake for your data centre. And this is the best way you can be ready for the next wave of cybercrime.
