INDUSTRY WATCH
laxer than it would be in a permanent office,
especially if there is a ‘bring your own
device’ (BYOD) policy in place, which allows
workers to access critical systems on their
own devices. It is important to have a policy
that requires passwords and other validation,
while mobile devices should be assessed for
vulnerabilities. Besides the regular antivirus
and VPN on the devices, a better good
solution is a small and easy to manage
security extension with built-in Wi-Fi that
effectively forwards all traffic for inspection,
covering the whole temp site.
For machine connectivity: The above
functionality is available in an ultra-small
form factor to fit into literally any industrial
good, making sure the latest security
standards are enforced on every device.
easy to manage Firewall and Wi-Fi and
can be deployed within minutes, even by
untrained personnel.
Advanced email and web filtering should be
required on all business networks. The number
one distribution vector for malware, even in
2019, has been malicious email. This can
not only prevent employees from accessing
inappropriate content at work, but also
restrict access to potentially harmful websites.
Advanced Threat Detection functionality
(ATD) should scan all email attachments
and links before they reach the user. Email
protection and Advanced Threat protection
are typically outside the realm of smaller
Would you offer any best practice
advice for dealing with threats in
this industry?
There are some relatively simple steps
that construction companies can take to
reduce the risks of cybercrime. All networks,
even temporary construction sites, should
be protected with security software and
firewalls. Setting up your own password-
controlled Wi-Fi on site rather than logging
into other parties’ networks can also help
you limit the potential risks to which you are
exposed. There are solutions that combine
76
INTELLIGENTCIO
devices protecting remote sites or heavy
machinery. To apply the same consistent
levels of protection, a public cloud-based
service scales across thousands of sites
and hundreds of thousands of users with a
single unified control panel.
All technical achievements aside, simple
human error can render any investment
in cybersecurity useless. It is therefore
important to define, communicate, train
and test robust policies to ensure that
everyone in your organisation follows
best security practices. In today’s
cybersecurity arms race, it’s virtually
impossible to guarantee immunity, but
it is possible to drastically reduce your
risks and make recovery as seamless
as possible by automating backup and
restore functionality for your data.
Are there any trends or future
trends that CISOs working in the
sector should prepare for?
Klaus Gheri, Vice President Network
Security and General Manager at
Barracuda Networks
Don’t neglect the public cloud and don’t
be shy seeking expertise from the outside.
Much like the future building owners
don’t do the actual work themselves but
contract out to specialists – you make
use of the expertise of security service
providers. This might go hand-in-hand
with deploying new public cloud-based
infrastructures. n
www.intelligentcio.com