Automation Security Risks: How to Stay Safe
Even though automation is innovating companies, it can also make them more vulnerable. Cybersecurity expert Shannon McMurtrey, who is an assistant professor of management information systems at Drury University and creator of the school’s Cybersecurity Leadership Certificate, breaks down the risks and how to stay safe.
Why does the risk of attack increase?
McMurtrey says hackers examine potential targets based on their attack surfaces, or areas susceptible to attack. “When a company automates, they usually are increasing their attack surface,” he says. “When your attack surface increases, then obviously there are more ways for [hackers] to come in.” The more a business relies on and keeps information in systems connected to the internet, the better for hackers because it allows them to work remotely.
What do hackers want?
There are a couple different motivations for hackers. Ransomware attacks, as the name implies, are aimed at getting organizations to pay money in exchange for their information and data that hackers hold hostage. Other attacks are fueled by the desire to make a political statement and can include hacking robots, which can then be used to make a kinetic impact such as physical damage to facilities, equipment and people. McMurtrey says these are less common currently.
How can I protect my company?
Protecting your business starts with understanding the risk. “A lot of business leaders are really good at understanding market risk and environmental risk, but they’re not as good at understanding cyber risk.” Once they do, they can institute policies such as regularly updating software, password protecting devices and using a VPN when connecting to public Wi-Fi. Executives should also evaluate network security and whether company assets need to be further segmented from the internet.
Should we just stop using automation?
Some political leaders and power companies are rethinking their use of automated systems after a federal report warned against “imminent danger from cyber attacks” on the power grid. Because of this, a group of U.S. senators have introduced legislation to protect the nation’s power grid by reverting to analog technology. “I don’t really think that’s the right answer,” McMurtrey says. “I think the better answer is to understand cyber risk and just apply security appropriately.”