Part Two Of Our Comprehensive Interview With Deloitte Partner Adnan Amjad
By Rob Starr, Big4.com Content Manager
Cybersecurity is as important as having the right business model and talent. However, threats evolve as fast as the modern computer can process and can have a cast of threat actors that change their guises and modus operandi so quickly, it’s often hard to tell which players are in which play.
Still, there are Big Four firms taking on this modern threat and Deloitte is at the forefront with an attack characterized by three strong keywords–Secure.Vigilant.Resilent, that highlight their cybersecurity philosophy. Deloitte partner Adnan Amjad is one of the leaders of his company’s efforts to offer their clients solutions that work.
“We differentiate between IT and OT,” he said recently. “IT being the business network and OT being what runs the business. For example, ten years ago in an automotive plant all the systems that were actually putting the cars together were all based on stand-alone operational
technology and not IP enabled or connected to internet.”
Now, there’s more and more of these processes that blend together since it is important to follow key metrics like real time manufacturing data and the trend toward tying operational technology to technologies like phones and other smart devices.
“As we do this to drive efficiency and get more real time information, we’re introducing risk as well,” Amjad says. He uses the example of the automotive sector where the newer cars have millions of lines of code built-in that needs to be secure and designed using the right processes.
“We need to be sure that we are implementing the same rigor as say Microsoft or Google has in their operating systems.”
Another area of concern when it comes to cybersecurity highlights what Amjad calls the healthy chasm between the two principal groups and the subsequent real need for people who are cybersecurity savvy on the business side because that camp is well versed in the necessary processes.
“The OT side of the house needs to start thinking about cybersecurity the way IT was a few years back,” he says drawing on a car analogy again to illustrate an overarching theme about balance with new technology.
“If you look at a Lamborghini, it has better brakes than a Volvo so it can go faster,” he says. “When you look at where we’re going digitizing everything, you need to build in security as part of the development process so you can go fast but stop on a dime.”
This proactive approach is cost-efficient as well. Amjad concludes by noting the cost to enable security at the time of build is five percent of the cost of doing it later.