IT in Manufacturing

The business case for protecting crown jewels from cyber threats - Part 6: Cybersecurity for operational technology.

March 2022 IT in Manufacturing

Mission-critical assets are known as ‘crown jewels’. These are high-value assets that would cause the most business disruption if compromised. Anything of value attracts the attention of criminals and this no different in cyberspace. Information technology (IT) systems and data make up a significant portion of an organisation’s crown jewels. These could be trade secrets, intellectual property, company or customer data, as well as operational and financial systems.

Organised cybercrime is the largest threat and is a lucrative and growing business, with common methods being ransomware, data breaches, malware and phishing. The impact of cybercrime in 2021 is estimated to be $1 trillion, but at least one major ransomware group, REvil, was recently taken out by Russian authorities.(1)

Many organisations have the basics in place but lack a formal framework to manage and reduce cyber risk. In some cases, key areas are neglected so there is no effective visibility of key cybersecurity metrics. This translates to leaving the ‘cyber gates’ wide open, making for an attractive target.

Costs to recover from physical or cyber incidents can be more than the cost of preventing such events. These costs are quantifiable, but damages to reputation and customer or shareholder confidence is difficult to assess and can be long-term. The costs of a data breach can run into the millions, including the cost of detecting a breach, business disruption, revenue losses from downtime, lost customers and acquiring new ones, breach notification and response activities.(2) Employee safety is a non-negotiable but can be compromised by cyber threats to operational technology.

Physical or real-world threats such as burglary, vandalism, fire and flooding are well understood. Money is spent on fences, alarms, security guards, fire detection and suppression. This protects physical assets against the potential business disruption, loss of revenue, customer confidence and even business closure in extreme cases. The same due diligence needs to be applied to protecting high-value logical assets or virtual crown jewels.

The Financial Sector Conduct Authority (FSCA) has acknowledged the risks in South Africa today: “The biggest challenge to every institution today is the frequency and sophistication of targeted cyberattacks, with perpetrators continually refining their efforts to compromise systems, networks and information, worldwide. Cyberattacks have been targeted at critical infrastructure and strategic industry sectors such as the financial sector.”

The South African Information Regulator views data breaches seriously and PoPIA (the Protection of Personal Information Act) allows for a fine of up to R10 million or imprisonment for up to 10 years.

The World Economic Forum says: “Cyber risk is a systemic challenge and cyber resilience a public good. Every organisation acts as a steward of information they manage on behalf of others. And every organisation contributes to the resilience of not just their immediate customers, partners and suppliers but also the overall shared digital environment”.

Wolfpack Information Risk recommends the following nine-step action plan:

1. Establish cybersecurity as a business priority with a clear vision and responsibilities. Cyber resilience is a leadership issue – the board takes ultimate responsibility for oversight of cyber risk and resilience.

2. Establish sound and robust processes for managing cyber risks.

3. Identify mission-critical information assets or crown jewels – understand which key business areas (processes, people and technology assets) are at risk.

4. Conduct a cyber risk assessment using a best-of-breed framework covering cybersecurity, privacy and resilience. Assess the main adversarial threats to the crown jewels.

5. Determine and implement the most appropriate method to protect the crown jewels. Build a prioritised roadmap to adopt cybersecurity fundamentals to preserve confidentiality, integrity and availability of data and IT systems.

6. Build internal competencies to maintain cyber resilience capability and to be adequately prepared to deal with cyber threats.

7. Initiate a shift in employees’ mindset to embed a culture of continuous security improvement into all aspects of business processes via continual awareness training.

8. Monitor effectiveness and make appropriate improvements as needed – undertake systematic testing and assurance regarding the effectiveness of security controls. Examples are penetration testing and third-party supplier risk assessments.

9. Prepare for incident response and notification of material cyber incidents to the regulated entities or authorities.

Taking action to prevent cybersecurity incidents will deliver the following business benefits:

• Ensure customer retention and confidence by demonstrating that you value their business and data.

• Ensure sustainability of operations, financial stability and competitive advantage.

• Protect the interests of shareholders.

• Provide an holistic approach to minimise the risk of business disruption and financial losses.

• Improve the visibility of your cybersecurity posture and maturity.

• Demonstrate duties of care by being aware of potential risks and implementing appropriate controls.

• Demonstrate good governance and avoidance of potential liability actions.

• Provide evidence that appropriate action was taken. This is essential in the event that a cyber breach occurs.

• Reduction in cybersecurity insurance premiums.

Please contact me to share your ideas, if you have been breached or need help, at You can also report breaches at the National Computer Security Incident Response Team (CSIRT) at

Here are some resources used or referenced within this article:

(1)Reuters, Jan 2022, Russia takes down REvil hacking group at US request – FSB,*mar22-baxter1

(2)IBM Security and the Ponemon Institute, 2021, Cost of a Data Breach Report 2021,*mar22-baxter2

About Bryan Baxter

Bryan Baxter.

Bryan Baxter has been in the IT Industry since 1992 in various roles before recently joining Wolfpack Information Risk. He has helped customers successfully manage and deliver IT infrastructures to around 7000 users in several countries, where, of course, the recurring theme has been keeping customers secure from cybersecurity threats. For more information contact Bryan Baxter, Wolfpack Information Risk, +27 82 568 7291,,


Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Security certified IIoT edge gateway
Omron Electronics IT in Manufacturing
The DIN-mountable device can be installed in machine control panels to provide remote access for on-demand, real-time servicing of industrial equipment.

EPLAN relegates device data DIY to history
EPLAN Software & Services IT in Manufacturing
With the new Data Portal Request Process, customers can order individual device data in Data Standard quality using a credit system.

Recovering from industrial data disasters
Absolute Perspectives IT in Manufacturing
Aside from bringing production to a sudden halt, there are often safety and environmental implications when shutting down a plant.

EtherCAT conformance tool updated
IT in Manufacturing
The CTT now allows read and write access to the PHY registers, which is convenient and rarely supported by other tools.

Carmakers look to AI/ML to achieve sustainable manufacturing
IT in Manufacturing
ML supports component quality inspections using camera data to check assembly processes and sequences in terms of complexity, speed and accuracy.

The most common cyber threats in the industrial environment
Rockwell Automation IT in Manufacturing
Rockwell Automation’s cybersecurity portfolio strategic growth leader delves into this topic in a recent blog post.

Deploying IT into the factory floor environment
Omniflex Remote Monitoring Specialists IT in Manufacturing
The ongoing debate on whether OT and IT should be integrated has never been more intense. Closing the gap between the two has many benefits, not least of which are efficiency and profitability managed in near real time.

PACTware further refines user interface
VEGA Controls SA IT in Manufacturing
Optimising a user interface for multiple sensor equipment manufacturers is possible in such a way that industrial users can use it similarly to everyday smart devices.

EPLAN Marketplace networks users and service providers
EPLAN Software & Services IT in Manufacturing
The free online platform is divided into engineering services, module manufacturing services and general consulting sectors.

Condition monitoring software gets asset health boost
Emerson Automation Solutions IT in Manufacturing
The newest version of Emerson’s AMS Machine Works adds support for embedded, automatic analytics at the edge using patented PeakVue technology.