A Cyber-Security Culture

by | May 29, 2009 | Cybersecurity

Jim Cahill

Chief Blogger, Editor

Let’s close this holiday-shortened workweek with a post about cyber-security. Recently ARC Advisory Group’s Larry O’Brien posted on the topic of Safety Culture. In it, he makes the strong point:

However, an organization with a vigorous safety culture is always in a better position to avoid accidents and is better prepared when such an incident happens. Management needs to determine the degree of safety culture they wish to achieve, and chart and navigate a path to get there. Management responsibilities include not only rigorous safety planning, but also instilling a strong safety culture within their organization. Only, a person working within a strong safety culture feels more secure and is motivated to make the work place safer for everyone.

Emerson’s Bob Huba has been making similar points about the importance of the culture as it applies to process control cyber security. I added one of his presentations in a post, Like Plant Safety, Build a Culture of Security. His key message is that must be looked at holistically, much the way process manufacturing plants take a holistic view for safety.

I forwarded my RSS feed of Larry’s post to Bob Huba for his additional perspectives. Bob wrote back:

Organizational culture is also important in security. If you depend on enforcement from above or via IT control of the system to make you secure people will continue to do insecure things – bring in infected USB sticks and such. Unless you train and educate people to not do insecure things, you will never maintain a security program. Process control equipment is just too vulnerable, being out in the plant environment, to do security without the buy-in and understanding of the people who live and work out in the plant.

As a product manager on the DeltaV team, Bob looks at the technological aspects that can help process manufacturers with their security efforts.

Technology can help to some extent, but a proactive security culture is imperative, much as a safety culture is.

Submit a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Submit a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Subscribe for Updates

Follow Us

We invite you to follow us on Facebook, LinkedIn, Twitter and YouTube to keep up to date on all the latest news, events and innovations to help you take on and solve your toughest challenges.

Want to re-purpose, reuse or translate content?

Please do, Just link back to the post and send us a quick note so we can share your work. Thanks!

Our Global Community

Emerson Exchange 365

The opinions expressed here are the personal opinions of the authors. Content published here is not read or approved by Emerson before it is posted and does not necessarily represent the views and opinions of Emerson.