Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Career Intelligence
    • Cyber Tactics
    • Cybersecurity Education & Training
    • Leadership & Management
    • Security Talk
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Interactive Spotlight
    • Photo Galleries
    • Podcasts
    • Polls
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
Security Leadership and ManagementCybersecurity NewsInfrastructure:Electric,Gas & Water

Three Best Practices to Secure Critical Infrastructure

By Edgard Capdevielle
c-suite
September 6, 2018

In the last few years, executives overseeing energy, utility and other industrial organizations have begun to worry about the threat of cyberattacks on our nation’s most critical infrastructures. Ten years ago, their main concerns were focused on safety or environmental risks. Back then, operators believed the virtual barricades, or air gaps, between networks and technologies were sufficient enough to defend against malware and cyberattacks.

Over the years that’s gradually changed, and today the industrial C-suite is acutely aware that cybercriminals, hackers, corporate espionage and state-sponsored actors have critical infrastructure and industrial environments in their sights. Last December, the TRITON attack against a petrochemical processing plant in the Middle East drove home the need to strengthen industrial control security.

There are important areas that executive teams should focus on in order to protect critical infrastructure and manage cyber risk associated with industrial operations. They include assessing and updating cyber defenses, improving network visibility, and establishing an effective preparedness plan ahead of possible attacks.

 

Three Important Best Practices to Strengthen Cybersecurity

The C-suite must manage industrial cybersecurity risk and protect their organizations’ reputations. Following three simple, yet important, best practices will allow your organization to prepare for the operational, business and industry reputation risks posed by cyberattacks on operational technology infrastructures.

 

Integrate Cybersecurity with Artificial Intelligence and Machine Learning

Advances in artificial intelligence now allow the process-oriented anomaly detection necessary to deliver the same levels of cyber protection in operational technology (OT) as in information technology (IT). Solutions that use machine learning to understand the OT environment can play a critical role in helping improve your OT security posture. By learning autonomously and adapting, as well as tapping into artificial intelligence, the right solutions can help manage alerts, reduce false positives and find the threats that might otherwise be lost in a flood of data. The end result is more effective threat mitigation and response.

 

Increase Visibility

Visibility into industrial networks and their risk exposure is key to improving critical infrastructure cyber resiliency and operational reliability. Effective visibility requires real-time network monitoring and a continuously updated network asset inventory.

Equally important is consolidated visibility across regional or multinational facilities. This helps reduce support costs, speeds troubleshooting and improves staff efficiencies. Facilities should be aligned to support visibility across the organization, so decisions can be made in context with the most accurate and up-to-date information.

 

Improve Preparation Planning

An important, yet often overlooked, part of an effective OT cybersecurity posture is a thoughtfully developed and well-rehearsed crisis response plan. On this topic we spoke with Standing Partnership’s Mihaela Grad, who advises industrial organizations on cybersecurity-related issues, crisis planning and reputation management.  She recommends four key steps for getting it right:

  • Align all your crisis response plans: Assemble all existing policies, business continuity, operational and communications plans, plus reports that outline the risks your organization faces.
  • Build or update a cross-functional crisis team: Your crisis response team should include representatives from across the organization – safety operations, legal, IT/OT, customer service, communications, HR, etc. – spanning head office and remote operational units.
  • Develop a written plan: It’s best to have a written crisis response plan that contains response team members and responsibilities, assessment criteria, decision protocols and responses to scenarios most likely to impact your organization. A plan eliminates second-guessing and speeds up response time during a crisis. Ideally, it is reviewed and updated every six to 12 months.
  • Train your team: A plan without training isn’t worth much. Gather the cross-functional crisis response team at least once a year to run through the communications plan, and make sure members can execute seamlessly during high-stress situations.

 

Protecting the entire IT and OT environment is quickly becoming a business imperative for industrial executives. Organizations who acknowledge this threat are adopting technologies that provide real-time visibility for the best possible defense, and those who regularly practice an effective response plan will be well-equipped to meet the challenge.

 

This article originally ran in Today’s Cybersecurity Leader, a monthly cybersecurity-focused eNewsletter for security end users, brought to you by Security magazine. Subscribe here.

KEYWORDS: C-suite security cyber resiliency cyberattack Emergency Preparedness hackers

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Edgard Capdevielle is CEO of Nozomi Networks

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Cyber tech background

    Security’s Top Cybersecurity Leaders 2026

    Security magazine’s Top Cybersecurity Leaders 2026 award...
    Top Cybersecurity Leaders
  • Iintegration and use of emerging tools

    Future Proof Your Security Career with AI Skills

    AI’s evolution demands security leaders master...
    Security Leadership and Management
    By: Jerry J. Brennan and Joanne R. Pollock
  • The 2025 Security Benchmark Report

    The 2025 Security Benchmark Report

    The 2025 Security Benchmark Report surveys enterprise...
    The Security Benchmark Report
    By: Rachelle Blair-Frasier
Manage My Account
  • Security Newsletter
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Popular Stories

Hand reaching up out of the ocean

What I Learned About Burnout the Hard Way (and How to Actually Fix it)

Broken wet floor sign

Why Response Time Is Becoming the Missing Metric in Workplace Safety and Security

Paparazzi

When Private Events Become Public Infrastructure: What Celebrity OSINT Teaches Security Leaders

Cyber Tactics

AIBOMs: Bringing AI Security Out of the Shadows, A Practical Guide for Security Professionals

Medical professional

Nearly 85% of Nurses Experienced Workplace Violence in the Last Year

Kaseware sponsored webinar
Schneider Electric sponsored webinar

Events

August 25, 2026

Critical Infrastructure Security Is National Security: Protecting Essential Operations in an Era of Escalating Risk

LIVE: August 25, 2026 at 2 PM EDT Learn why critical infrastructure security has become a national security imperative, and the strategies organizations can adopt to improve visibility, collaboration, and response across their security operations.

August 27, 2026

Leveraging AI & Mobility to Advance Your Security Domain

LIVE: August 27, 2026 at 2 PM EDT Explore how AI-driven cloud security solutions can elevate your security domain enhancing threat detection, streamlining operations, and delivering the resilience modern organizations demand.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products


Alertmedia sponsored webinar

Related Articles

  • financial-data-freepik1170.jpg

    4 security best practices to secure financial report data

    See More
  • Revolving Door entryways

    New Guide Addresses Best Practices to Mitigate Unauthorized Entry

    See More
  • SEC0720-5G-Feat-slide1_900px

    CISA releases 5G strategy for secure and resilient critical infrastructure

    See More

Related Products

See More Products
  • physical security.webp

    Physical Security Assessment Handbook An Insider’s Guide to Securing a Business

  • security culture.webp

    Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

  • The Complete Guide to Physical Security

See More Products

Events

View AllSubmit An Event
  • August 25, 2026

    Critical Infrastructure Security Is National Security: Protecting Essential Operations in an Era of Escalating Risk

    LIVE: August 25, 2026 at 2 PM EDT Learn why critical infrastructure security has become a national security imperative, and the strategies organizations can adopt to improve visibility, collaboration, and response across their security operations.
View AllSubmit An Event
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • Newsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2026. All Rights Reserved BNP Media, Inc. and BNP Media II, LLC.

Design, CMS, Hosting & Web Development :: ePublishing