Page 1 of 1

Many organizations are primarily driven by the decisions of their C-Suite

Posted: Sun Dec 22, 2024 5:02 am
by mmehedi*#
The NIST Framework is a key component in improving cybersecurity for our critical energy infrastructure. It has the potential to generate the kind of dialogue which is necessary to better understand the threats base and how industry professionals can best respond to those cyber threats, whether they’re advanced and persistent threats, or whether they are the work of everyday hackers.

Driven To Comply
As the power sector and other industries move forward, compliance itself has been a prime motivator and driver for change regarding the implementation of evolved cybersecurity measures. Only the largest organizations in oil and gas, who are often part of multinational pipeline ventures, are seen as attractive targets australia mobile number list free for cyber attacks on a global scale. These are the companies that are voluntarily moving ahead in complying with cybersecurity standards on their own. This perceived targeting is indeed a driver. Smaller companies are less inclined to feel targeted, so they are primarily motivated by the compliance requirements themselves.

Image

Influence Of The C-Suite
when it comes to NERC compliance. There are a lot of power struggles within affected organizations as to who is controlling what and who has the authority and the drive to make things happen within a given company. Often, there is a disconnection between IT and OT personnel, leading to a lack of useful collaboration. Regulations cannot be ignored, and they do provide an incentive for organizations to operate in mandated ways, but compliance is different than security.