Strategies to Cut Costs and Improve Cybersecurity

PB 25 Rockwell newlogo 400

June 18, 2021

By Nir Sasson, Network Security Consultant, Avnet, a Rockwell Automation company

Cybersecurity costs businesses a lot of money – and with no measurable monetary income as a result. That leaves executives and board members scratching their heads and wondering: “Why are we spending so much on this? Why do we need to employ expensive professionals to manage and operate cybersecurity?” Often leading them to ponder, “We know cybersecurity is important, but how do we determine the right level of investment?”

We’ve developed a list of three strategies you can use to maintain good cybersecurity hygiene, while still managing costs.  

#1. Manage to the Exception

Managing to the exception is the principle that will allow your organization to maintain a proper cybersecurity defense. It means starting from the worst-case scenario, or the exception to the status quo, and working backward to create your strategy from there.

Take the example of password management. Organizations using the username and password authentication method to verify their legitimate computer users must also provide a mechanism to help validate users who are having a problem. For example, they may have mistyped the password, are locked, and can’t log in to the system.

The ideal strategy starts with focusing on the small percentage of people who will forget their username or password – the exceptions. With the exception identified, the organization can plan and implement special measures to deal with the uncommon cases when the self-management process failed.

The next step is looking at what the solution is and figuring out if it can be automated, which leads us to our next strategy.

#2. Automation: Transfer Tasks, That do not Require Human Judgment, to a Machine

Knowing when to utilize automation can save companies a significant amount of money. Look for tasks that don’t require human judgment. Tasks like granting permissions to users who meet certain standards or automatic alerts when they meet pre-defined rules.

Going back to our password-management example, we have now determined that we need to deal with users who get locked out. Typically, how is a user unlocked? He calls the help desk. The operator at the desk helps identify the user who phoned him as a condition for providing the password reset service, asking a series of security questions.  

This process can be transferred to an application, doing precisely the same thing. Instead of a human operator, a machine can check the correctness of the user’s answers and reset the password for him.

With one fix, we can dramatically reduce costs and the organization still has strong authentication systems in place.

#3. Know When to Outsource and When to Keep it Internal

Your organization most likely creates and stores vital information that, if exposed to an unauthorized entity, could result in an unbearable impact on your business. While important to protect, you most likely aren’t able to spend all your time on that one task – there is still the day-to-day, essential work that it takes to maintain the company.

If you do not possess the in-house capabilities required to gain and keep a good cybersecurity posture, the solution is not to give up on it entirely or to make compromises. That is when you should bring in an outside source to help.

Rockwell Automation LifecycleIQ Services works with organizations across a wide range of industries to take a proactive approach to cybersecurity. Our threat detection services can help you monitor and detect increasingly complex threats. We work closely with partners to provide comprehensive cybersecurity solutions to manage the operation of network security devices and applications, such as firewalls, intrusion prevention/detection, etc.

Cyber defense costs money, but it is possible to reduce the costs without compromising cybersecurity, and maybe even improve your defense.

Important_Links_Bar.jpg

https://www.rockwellautomation.com/en-us/company/news/blogs/strategies-reduce-cybersecurity-costs.html

 

Related Articles

Network Infrastructure Featured Product Spotlight

PBUS 14 Panduit logo 400

This webinar presented by Beth Lessard and Keith Cordero will be highlighting three Panduit solutions that will optimize network equipment and cabling to ensure that your spaces are efficiently and properly managed to support ever-evolving business needs of today and beyond. Products that will be featured include PanZone TrueEdge Wall Mount Enclsoure, Cable Managers, and Adjustable Depth 4-Post Rack.

REGISTER HERE


Editor’s Pick: Featured Product News

Siemens: SIMOVAC Non-Arc-Resistant and SIMOVAC-AR Arc-Resistant Motor Controllers

The Siemens SIMOVAC medium-voltage non-arc-resistant and SIMOVAC-AR arc-resistant controllers have a modular design incorporating up to two 12SVC400 (400 A) controllers, housed in a freestanding sheet steel enclosure. Each controller is UL 347 class E2, equipped with three current-limiting fuses, a non-load-break isolating switch, and a fixed-mounted vacuum contactor (plug-in type optional for 12SVC400). The enclosure is designed for front access, allowing the equipment to be located with the rear of the equipment close to a non-combustible wall.

Read More


Sponsored Content
Electrify Your Enterprise

Power is vital to production, and well-designed control cabinets are key. Allied Electronics & Automation offers a comprehensive collection of control cabinet solutions including PLCs, HMIs, contactors, miniature circuit breakers, terminal block connectors, DIN-rail power supplies, pushbutton switches, motor starters, overloads, power relays, industrial Ethernet switches and AC drives engineered to keep your operations running safely, reliably and efficiently.

Learn more HERE.


Products for Panel Builders

  • OKW: IK/IP-Rated SOLID-BOX for Industrial Touch Screen and Display Electronics

    OKW: IK/IP-Rated SOLID-BOX for Industrial Touch Screen and Display Electronics

    More electronics designers are specifying OKW’s tough SOLID-BOX to safeguard sensitive touch screens, control panels and displays in harsh industrial environments. IK 08 (impact) and IP 66/IP 67 (ingress) protection make SOLID-BOX ideal for plant and machine construction, HVAC, IoT/IIoT, Smart Factory/Industry 4.0, gateways, data loggers, ICT, electrical installations, measurement/control, agriculture/farming, sensor systems and safety… Read More…

  • LOVATO Electric: New Double Contact Elements and Auto-Monitoring Contact Element

    LOVATO Electric: New Double Contact Elements and Auto-Monitoring Contact Element

    LOVATO Electric enriches the range of pushbutton and selectors Platinum series with the new double contact elements and auto-monitoring contact element. The double contact elements provide the flexibility of two contacts (1NO+1NC, 2NO or 2NC) within the same dimensions as a single contact (LPXC10 or LPXC01). The new auto–monitoring contact is replacing the previous auto-monitoring contact versions (LPXC01SM and LPXC02SM)… Read More…