Industrial firms: Sovereignty is the backbone of your OT cybersecurity strategy!

Guest column by Vincent Nicaise, Head of Industrial Partnerships at Stormshield, and Yoann Delomier, OT Team Leader, WALLIX.

Stormshield – Cybersovereignty Expert Opinion, co-written with WALLIX

June 2022

Today, cybercriminals are increasingly targeting the industrial sector – and their attacks are having far-reaching consequences. This affects not only operators of vital importance and operators of essential services: all players are affected. While regulations are “forcing” some to choose sovereign solutions, it remains the responsibility of other industrial players to apply these same rules and take action throughout the security chain. But why is this concept of sovereignty so important?

However, these new working practices have also impacted the industrial world, which finds itself increasingly exposed to cyber risks. For example, operators of critical infrastructure (transport, energy, water, etc.) are running industrial processes that use data circulating – sometimes constantly – in real time to ensure smooth operations and deliver both productivity and service to the general public. Such data is now facing attacks from multiple directions. More generally, all entry points are now being exploited by increasingly professional hackers, whose objectives include industrial espionage and halting production to demand ransoms or for political purposes. Given the financial, human, and environmental stakes behind these attacks, the industrial sector has a strong incentive to pay out, which means big paydays for hackers.

Trust: the first criterion when selecting your cybersecurity solutions

Above all else, choosing sovereign cybersecurity solutions means ensuring transparency and avoiding any risk that data could be exploited for malicious purposes. The aim, in this case, is to have access to well-controlled sovereign information, thus mitigating the risks of compromise and attacks by foreign bodies. This is the only way to ensure defense in depth with no weak links.

Such an approach is vitally important in order to avoid any risk of interference or industrial espionage – as recently seen with the Chinese hacker group Winnti, which was cited in an investigation for having conducted a major espionage operation in the United States, Europe, and Asia on behalf of the Chinese state.

Retaining digital independence is also the only way to enable a local, autonomous response with regard to production issues and critical activities when resolving cyber incidents; for example, with a view to minimizing disruptions to production. European solutions are able to deliver this local response in terms of rapid technical support, assistance to local teams, incident response processes, etc.

And lastly, the choice of sovereign solutions also ensures native compliance with current regulations and standards. This translates into regulatory requirements for delivering secure access to information systems and operational systems (authentication, segmentation, data traceability, encryption, etc.).

In short, there is a need for more trusted European solutions, especially since, given the proliferation of production sites all over the world, borders are no longer an issue when attacking a European industrial company.

Investing in European leaders in industrial cybersecurity: a responsible and socially aware approach

To enable the industry to make the right choices, Europe’s leading cybersecurity solution providers have several assets available to them as they seek to build a reliable, resilient environment. The first of these is to expand the locally available range of protection solutions, ensuring that end customers have the choice of a sovereign solution as a basic minimum. This goes hand in hand with raising industrial manufacturers’ awareness of building sovereign security components into the design of their products.

More generally, it is important to support start-ups and the cyber sector via national organizations, investment in the local cyber economy via dedicated funds, and education. These are the conditions for ensuring that companies establish bases in France and in Europe and then stay there, and also for maintaining and developing European expertise.

With the involvement of the entire ecosystem and effective cooperation between European players, it will be possible to increase sovereign control in the industry, while at the same time ensuring the optimal protection of our economy, citizens, and environment.