Page 21 - Cyber Defense eMagazine February 2024
P. 21

That is where things stand in my industry  – we are hobbled by the conflict of several governmental
            imperatives.



            Information Technology and Operational Technology

            Of course, there are the obvious applications of IT and OT in the aluminum industry, just as there are in
            the endeavors of readers of Cyber Defense Magazine.

            Participants in the aluminum industry rely on Supervisory Control and Data Acquisition (SCADA), IT, OT,
            and  other  computer-based  systems.    We  are  subject  to  many  of  the  same  requirements  as  other
            organizations  using  these  systems.    In  collecting,  transmitting,  sharing,  and  storing  data,  we  must
            maintain its confidentiality, integrity, and accessibility.


            We, too, face conflicting priorities, and must find ways to comply and harmonize our responsibilities.  Let
            me mention a few of them.

               •  Privacy concerns and rights of consumers, vendors, customers, and regulators often conflict with
                   duties to comply with legal process for discovery under criminal investigations.
               •  Artificial Intelligence applications are growing in the impenetrable thicket of patents, copyrights,
                   and other protected intellectual property.
               •  We all operate on the Security-Convenience spectrum, choosing how to balance the two priorities
               •  Risk Management is another overlap in our activities, especially choosing which risks to retain
                   and resolve and which ones to lay off on a third party (cyber liability insurance, for example)
               •  We also must recognize that compliance with Legal and Regulatory requirements may not always
                   be sufficient to avoid liability for our organization’s acts or omissions




            How we are addressing these challenges

            Based on my belief that in the marketplace, as in life, we are more alike than we are different, we are
            taking several parallel steps in our future strategy and operations.  We have established ourselves in the
            industry as both a niche player and a vertical expansion vehicle.  There are four principal initiatives we
            are pursuing to implement our program, and I believe that in your capacity with your own organization,
            you will find them instructive.



            Internal

            We have created an organization culture to encourage our employees to be dedicated to the mission of
            our company.  They understand and value the work we do, and are committed to our success.  Training
            and education are an integral part of our advancement program.  In cybersecurity terms, we assure that
            everyone is aware of the latest developments and prepared to avoid cyber attacks.







            Cyber Defense eMagazine – February 2024 Edition                                                                                                                                                                                                          21
            Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.
   16   17   18   19   20   21   22   23   24   25   26