Cybersecurity has taken a pole position at ControlTrends and we are grateful to the important content and contributions being provided by HVAC and BAS Cybersecurity professionals. Our industry has a long, long way to go to meet the increasing challenges of Cybersecurity, but we’re getting on track with the guidance we receive from these generous professionals sharing their expertise. Marc Petock’s post contains two very important links that bring some of the world of Cybersecurity to a needy industry’s doorstep, and terms like “Duty of Care” and a CEO’s “Tone at the Top” — as well as equations like Risk = Threat X Vulnerability X Impact, and Risk = Probability X Impact, will become increasing familiar and used in our industry — in the near future.
Marc Petock, Vice President Marketing, Lynxspring & Connexx Energy: Our connected business world means there are thousands of entry points in and out of companies. The exploding number of access points means we now have thousands of potential openings into our companies. What has been traditionally seen as a simple component of an organization’s infrastructure, throwing a firewall and antivirus solution down as an adequate cyber strategy, has evolved into something that can keep one awake at night. The scary truth is that network security does not work as well as we thought.
As cybersecurity has emerged as the number one priority today, it is becoming a front business issue and a board room issue. After a series of high profile data breaches and warnings, corporate boards find themselves dealing with cyber threats and security issues. Not long ago, cybersecurity was a term rarely, if ever, heard in the boardroom. Rather, information security was deemed to be a risk managed solely by the chief information or technology officer or the IT department. Those days are gone. With the long list of high profile cybersecurity hacks and the after effects that include drop in shareholder value, decline in sales, brand and customer erosion, regulatory inquiries and litigations, cybersecurity has become an increasingly challenging risk that boards must address.
According to The Wall Street Journal, in 2014, 1,517 companies traded on the New York Stock Exchange or Nasdaq Stock Market listed some version of the words cybersecurity, hacking, hackers, cyberattacks or data breach as a business risk in securities filings. That is up from 1,288 in all of 2013 and 879 in 2012.
Board Governance when it comes to cybersecurity is indeed a subject that is complicated and requires a deep understanding of the situation, careful consideration of the risks and implications, and decision making as to how to proceed. A recent report sums up the situation, “it has long been recognized that directors and officers have a fiduciary duty to protect the assets of their organizations. Today, this duty extends to digital assets, and has been expanded by laws and regulations that impose specific privacy and cyber security obligations on companies”.
Here are two reference documents that provide a collection of information that may be of interest to those responsible for or researching the subject of Cybersecurity and Governance within the context of a Board of Directors.
http://www.energycollection.us/456.pdf
http://www.energycollection.us/457.pdf
Today’s reality is this, no matter what business you are in, no matter where in the world you are everything on a network is at risk. One thing we can be sure of is that cyber threats aren’t going to go away. There is a pressing need for proactive cybersecurity vigilance and it is all of our responsibility to take an active role.
About the Author
Marc Petock is Vice President, Marketing at Lynxspring and Connexx Energy where he leads corporate and product marketing strategy and execution, brand management, public relations and communications to support both companies strategic and growth initiatives. Marc is a contributing author, noted speaker and recognized industry leader having earned Realcomm’s “Top 35 People to Watch” for the last seven years in a row, Who’s Who in M2M, a Digital Impact Award and several other industry accolades. Marc also serves on the board of directors of Connexx Energy and Project Haystack and is an advisor to Realcomm.
