Preparing for the cybersecurity needs of the next normal
7 min read
14 Apr 2021
7 min read
14 Apr 2021
Remote and hybrid working are here to stay. As a larger share of Wärtsilä’s employees make the transition, the company has employed several methods to keep them, its customers, and data safe.
As the COVID-19 pandemic spread rapidly worldwide, most organisations have transitioned to remote or hybrid working methods.
“Unfortunately, hackers have taken notice,” says Dave Weinstein, an expert associate partner with McKinsey & Company who specialises in cybersecurity. “They've acted opportunistically to exploit this rush to working from home and necessarily or predictably the kind of gaps in controls that existed.”
In the aftermath of the widespread shift to working from home, cybersecurity has been thrust into the spotlight. According to a report from the American cybersecurity firm CrowdStrike, there were more hands-on-keyboard cyberattacks in the first half of 2020 than in all of 2019.
However, experts believe that this kind of news is good for the industry as the old cybersecurity paradigm begins to shift.
“The pandemic has in a way helped the cybersecurity industry,” says Jouni Laiho, Wärtsilä’s director of corporate security. “Now that people are working remotely, cybersecurity has got more attention than perhaps earlier, although it was a high concern area already.”
Leading the way to the 'next normal'
Wärtsilä is among the companies that are continuing to evolve their cybersecurity protocols to keep employees and customers safe from potential cyber-attacks.
“Any cybersecurity risk is a business risk,” says Teemu Eronen, Wärtsilä’s director of cyber operations. Along with Laiho, he emphasises a broad approach to cybersecurity.
“Cybersecurity is about partnership and collaboration,” says Eronen.” We have a very holistic approach and that is the way we want to do it.”
Wärtsilä’s holistic approach is more than just a corporate slogan. Instead, it involves redefining the company’s cybersecurity perimeter, bolstering its threat intelligence capabilities and educating its employees and customers.
Redefining the cybersecurity perimeter
When COVID-19 was first detected in Europe, Wärtsilä asked all of its employees capable of doing so to begin working from home.
This meant that they would be leaving behind the metaphorical fortress carefully constructed by the company and connecting to the secure network remotely.
“There is a limitation on VPN – virtual private network – bandwidth so that you can work and communicate with end-to-end encryption securely,” says Eronen. “The first few weeks, we faced problems with the VPN bandwidth.”
“Our information management unit took action on that and added more VPN gateways and bandwidth on existing ones,” he adds.
Along with strengthening their VPN, Wärtsilä also sped up the transformation of its software-defined network (SDN), which is similar to a cloud-computing environment.
“SDN is a great way of putting the right controls in place and also having some analytics behind it, particularly user behaviour analytics that can automatically enforce rules based on peoples' actions on the network,” says Weinstein.
According to Weinstein, this is particularly important when there are breaches at the user level, allowing for cybersecurity chiefs to track individuals’ behaviour and, if necessary, block their attempts to access certain services or applications.
“SDN can be an efficient and scalable way of increasing those controls across the organisation without causing prohibitively high levels of friction or pain for the end-user,” he adds.
Focusing on threat intelligence
Beyond redefining its cybersecurity perimeter, Wärtsilä has also bolstered its threat intelligence detection capabilities.
“We have high visibility of our threat conditions and threat intelligence that we run ourselves. That is an amazing feature,” says Eronen. “We have very skilled people to do that job: to identify threats that we face.”
As a result of this continuous monitoring, Eronen says the company has not suffered any significant breaches.
Along with its dedicated threat intelligence task force, Wärtsilä also boasts a 24/7 cyber security operations centre, Wärtsilä Cyber SoC. The goal, says Eronen, is to provide employees with a direct hotline to cybersecurity professionals who can assist with any issues
“The traditional model is to produce intelligence that you can give to network defenders or the people who are running your servers or cloud environments and they can take corresponding actions to reduce risk,” says Weinstein. “The more progressive organisations are now treating their employees as customers of threat intelligence.”
Employees as the first line of cyber defence
Along with providing its employees with direct access to experienced professionals, Wärtsilä also trains every team member to be an effective gatekeeper.
“We equip our employees – both before and after COVID-19 – with laptops, PCs and phones,” says Laiho. “A coherent device fleet is always very important.”
To ensure that the company’s hardware is used effectively, Wärtsilä also issues mandatory cybersecurity training.
“Basic cybersecurity education is so important and applies to digital natives and non-digital natives alike,” according to Weinstein. “There are actions that attackers take from the social engineering perspective to exploit both archetypes.”
“The value here is you're centrally equipping your employees to serve as a force multiplier of your security team,” he adds.
Laiho says this kind of training is creating a culture of responsible cyber citizenship at the company.
“It is quite a broad training scheme that covers the digital world and cyber-related threats as well as typical fraud attempts,” he says. “It is high-quality training, which then provides you the kind of citizenship skills that are needed to be able to operate in a digital world.”
A cyber-secure business ecosystem
Eronen and Laiho emphasise that Wärtsilä also works to extend this culture beyond its own employees.
Through its product security incident response team, Wärtsilä offers expertise to its customers.
“One of the best ways to tackle this next-generation supply chain risk is through collaboration, both with your vendors and quite frankly collaboration within the industry,” says Weinstein.
During the past year, Eronen has noticed an uptick in concern from customers regarding Wärtsilä’s software and Internet-of-Things-based products.
“This is obviously a good thing because we focus on building cyber as a core competence and it becomes a competitive advantage for us,” he says.
Laiho agrees: “It is not enough that a company has everything in order when it comes to cybersecurity.”
“The question of good cyber hygiene extends beyond the company itself towards suppliers and customers as well, so it needs to be an ongoing dialogue where customers and suppliers are helping each other,” he concludes.