CEOs responsible for the majority of cyber-physical security incidents
Recently Gartner published the results of a study he carried out on the impact of certain behaviors on business safety.
The report is pretty mind-boggling. Indeed, the study showed that 75% of business leaders will be the leading causes of computer security incidents by 2024. This is in a context where the financial consequences will be increasingly severe for businesses.
This article will also interest you: Information system security officials are under pressure because of the coronavirus pandemic
By computer incident Gartner's report highlights the issue of cyber physical security. The reference here is that it is an incident that could have damage that could have a physical impact on people, property and, by extension, the environment. The caution report shows that this problem is likely to be in intensity in the coming years. This is because there has been a great deal of neglect in terms of spending and actions on cybersecurity
"75% of CEOs will be personally responsible for cyber-physical security incidents by 2024, as the financial impact of violations increases," Gartner estimates
To the question of what exactly cyber physical security is let's interest us to know what can be called cyber physical systems. These systems are defined by Gartner as computer tools have been specially designed for certain actions such as:
– detection
– the calculation
– the upgrade
– control
– analysis
And all this in a context of interaction with the physical world. These systems are generally placed as the foundation of the majority of actions in the field:
– information technology
– the Internet of Things
– operational technologies
Areas where the security requirement requires considerations not only virtual, but also physical. Examples include IT infrastructures linked to health facilities or those that generally affect relatively sensitive assets such as industry.
"Regulators and governments will respond quickly to an increase in serious incidents resulting from the failure to secure cyber-physical systems, by significantly increasing the rules and regulations that govern them. In the United States, the FBI, NSA and Cybersecurity and Infrastructure Security Agency (CISA) have already increased the frequency and details provided regarding threats to critical infrastructure systems, most of which are privately owned. Soon, CEOs will no longer be able to plead ignorance or hide behind insurance policies," said Katell Thielemann, Vice President of Research at Gartner.
Another very important point to note is the considerable cost of this upcoming computer problem. That's why Garner encourages CEOs to take matters into their own hands. According to the company's results, computer incidents affecting cyber physical systems have caused and will cause damage that can be estimated to reach $50 billion by 2023. Not to mention the fatal victims that this will create as well as the upheavals related to the organization of companies, legal disputes that will be related to compensation actions or administrative sanctions.
"Technology leaders need to help CEOs understand the risks of cyber-physical systems and the need to focus on securing them. The more cyber-physical systems are connected, the greater the likelihood of an incident occurring," Thielemann later noted.
This problem must be more seriously. Gartner clearly means that. And this is a good war when we know that the constant evolution of operational technologies, the Internet of Things with the explosion of smart buildings, connected cars tending towards total autonomy, also the birth of smart cities, the digital world has never been more exposed to cyber malice, in consequences perhaps much more harmful than in the past with conventional cybermalence.
However, it must be said that many companies already have some knowledge of the cyber physical systems industry. It is not uncommon today to see connected to a business system, a set of connected programs responding to situations of empowerment in order to modernize enterprise IT practices. However, as the vice-president, in charge of research at Gartner, has pointed out. "The focus must be on managing operational resilience beyond information-centric cybersecurity."
Now access an unlimited number of passwords: