March 14, 2022
By: Cherith Sinasac, Electro-Federation Canada
Robert S. Muller, former director for the FBI once said, “there are two types of companies – those that have been hacked and those who will be hacked.”
Cybersecurity threats are becoming increasingly sophisticated with advances in digitized, connected devices (IoT) that span internal and external networks and systems. While many executives know the severity and impacts of cybersecurity threats, they may be unfamiliar with the types of cyber threats and the technical needs required to secure their business. Furthermore, some organizations may be concerned that they lack the resource capacity, budget and expertise to address cybersecurity.
Also, it’s not just business executives who are worried about cyber-attacks; customers are also becoming increasing concerned about sharing personal information. The impact of a cyber-attack on a brand can be dire. According to a survey conducted by CIO Insight, 31% of customers surveyed said they discontinued their relationship with a company that had one data breach. Of those customers, 65% said they lost trust in the breached organization.
Trust is an important business asset – and improving your organization’s security measures adds value to your brand, protects your intellectual property and strengthens your customer relationships.
EFC’s Cybersecurity Best Practices and Cybersecurity Measures of Success task groups, comprising of IT experts from the electrical industry are developing a guide to support member organizations’ cybersecurity position. The goal of this guide is to encourage organizations to develop a robust cybersecurity program that can quickly detect and respond to cyber threats, while maintaining business continuity and preventing the potential loss of money, intellectual property, stakeholder confidence and brand reputation.
EFC’s Measures of Success task group, led by Priya Serai, Chief Information Officer at Omni Cable, has identified nine core pillars that must be incorporated into a cybersecurity. The nine pillars of cybersecurity offer a framework that executives should be familiar with to guide meaningful conversations with their IT teams.
EFC’s Cybersecurity Best Practices task group, led by Alexander Popov, Vice President of Information Technology at Sonepar, set out with the goal to provide an easy-to-use roadmap for industry organizations to improve their cybersecurity position. The task group recommends an all-encompassing resource from the Center for Internet Security (CIS) to help businesses map their cybersecurity strategy. CIS is a community-driven, not-for-profit organization that is responsible for the CIS Controls, a set of 18 globally-recognized security controls that help mitigate prevalent cyber-attacks on systems and networks. The CIS Controls are comprehensive and include multiple legal, regulatory and policy frameworks. The task group has supplemented the CIS Controls by identifying a list of recommended tools to satisfy the safeguards applicable to an organization’s size and resource capacity. The industry guide will include a comprehensive overview on the CIS Controls and will also feature risk assessment strategies that organizations can use to model potential threats.
Developing and deploying a cybersecurity strategy must be a priority for every organization – extending across all employees as well as all customers and partners that are part of your value chain. After all, a cybersecurity plan can only be as strong as its weakest link. Therefore, protecting business systems and networks takes collaboration and communication across the market.
EFC’s Cybersecurity Guide will be shared with industry executives and IT professionals in the coming weeks. This guide will be accessible on an industry web portal, which will also include other resources and tools to support this industry’s cybersecurity journey. Stay tuned to www.electrofed.com for access to the web portal.