CYBERSECURITY






























        From risk assessment to protection:



        how to build an effective security


        strategy in industrial enterprises





          ndustrial sectors face escalating cyber threats that jeopardise operations,   With a clear asset baseline established,
          safety, financial stability and further technological development. In   organisations can conduct meaningful
        I2024, 40% of industrial organisations globally reported cyber incidents   risk assessments that allow to meet
        according to Kaspersky. Proactive cybersecurity measures are a necessity   corporate risk criteria and account for
        to ensure business continuity, regulatory compliance and protection against   both cyber and physical consequences.
        costly breaches. By implementing these measures, businesses can mitigate   OT-specific frameworks, such as the
        risks, safeguard sensitive data and maintain operational integrity.  Purdue Reference Model, help segment
                                                                             networks into security zones, while
        Foundational security includes visibility and risk prioritisation    penetration testing
        A robust cybersecurity strategy begins with complete visibility, knowing   (Black Box, Grey Box, and White Box)
        what needs to be protected and where the greatest risks lie. In industrial   reveals vulnerabilities from multiple
        environments, where IT and OT systems intersect, this requires not only a   attacker perspectives. Findings should
        comprehensive asset inventory but also a risk assessment methodology   provide detailed and actionable
        tailored to operational realities.                                   insights into how the identified
                                                                             vulnerabilities and risks relate to
        An accurate, continuously updated inventory of all hardware, software and   the production process, so that an
        network segments is critical for understanding the attack surface. Industrial   organisation could implement effective
        environments demand special attention to ICS components, such as     security measures.
        Programmable Logic Controllers (PLCs), human-machine interfaces (HMIs),
                           and SCADA servers, which require different security   This approach enables risk-based
                           measures than traditional IT assets. Automated    decision-making, ensuring security
                           discovery tools, particularly those using passive   controls (network segmentation, patch
                           monitoring to avoid disrupting OT processes, help   management, access restrictions) are
                           maintain real-time visibility while minimising blind   applied where they matter most. By
                           spots.                                            quantifying risks in operational and
                                                                             financial terms, businesses can align
                                                                             cybersecurity investments with actual
                           By Emad Haffar, Head of Cybersecurity Consultant   threats, safeguarding both productivity
                           team in the META region, Kaspersky                and safety.



                                                14 | EngineerIT June/July 2025