The Evolving Role of the CISO: Digitalisation’s Impact on Industrial Security

Robin Whitehead, Managing Director of Boulting Technology, explains how the surge of daily cyber‑attacks on public‑sector and utility firms is redefining the CISO’s mandate and accelerating the need for end‑to‑end digitalisation.

In today’s data‑driven economy, the speed of insight is a decisive competitive advantage. Yet the same data is increasingly targeted by skilled cybercriminals seeking to monetize or sabotage this new currency. The scale of the threat is staggering: IT Governance reported 33.8 million records leaked worldwide in December 2017, and 59 million in November 2017 alone.

Sophisticated cyber attacks

High‑profile ransomware incidents such as WannaCry, Petya, and NotPetya have underscored that sophisticated threats are the most feared technology risk in 2018. While financial services and the public sector are the primary targets, utilities, oil & gas, and food manufacturing have also suffered significant breaches.

For example, at 9:30 am on 27 June 2017, Cadbury’s Hobart factory in Australia was shut down when Petya ransomware infected its production computers, demanding payment in cryptocurrency. That same day, the NotPetya variant—leveraging a backdoor in the Ukrainian tax‑preparation software and the EternalBlue Windows vulnerability—disrupted networks across Europe, Russia, France, Germany, Italy, Poland, the UK, and the US, crippling critical infrastructure such as power grids, airports, and banks. As Christiaan Beek, lead scientist at McAfee, told WIRED, “It’s massive. Complete energy companies, the power grid, bus stations, gas stations, the airport, and banks are being targeted.”

The new CISO

Modern CISOs are no longer confined to compliance and risk assessment. They must now steer enterprise‑wide security strategy, guiding personnel from shop‑floor staff to senior executives on proactive defense measures. The CISO’s voice has moved from the IT closet to the boardroom, ensuring business continuity in the face of evolving threats.

Effective CISOs are visionaries and communicators, wielding influence across all organisational layers to embed lasting security culture and technological resilience.

End‑to‑end digitalisation

Industrial firms stand at a crossroads: the integration of manufacturing networks with the broader digital ecosystem promises efficiency gains and cost savings across sectors such as food & beverage, pharmaceuticals, automotive, and utilities. However, the proliferation of connected devices—PLCs, HMIs, intelligent motor control centres, telemetry devices, and smart meters—has opened new attack surfaces, risking costly disruptions.

Historically, IT and OT have operated in silos, hindering cohesive security postures. As we increasingly rely on cloud‑based SCADA and ERP systems that aggregate millions of data points, a unified, end‑to‑end approach becomes essential. This involves standardised fieldbus communication, real‑time cloud analytics, and centralised control that delivers actionable insights and rapid incident response.

Transitioning to such a holistic system is not trivial; it demands significant investment and careful planning, especially when retrofitting legacy equipment. At Boulting Technology, we specialise in integrating cybersecurity into existing industrial setups. Our portfolio of control systems, networking solutions, and intelligent motor control centres provides engineers with secure, round‑the‑clock access to operations, enabling organisations to detect and neutralise breaches within minutes rather than hours.

In a world where cyber‑attacks are inevitable, heed the CISO’s guidance and reassess your end‑to‑end digitalisation strategy to safeguard critical assets.

The author of this blog is Robin Whitehead, Managing Director of Boulting Technology.