Users accountable in security solutions

End users are becoming more aware they need a security solution these days, but the problem is they need to be able to sit down and to focus on their main priorities.

By Gregory Hale; Source: ISS Source April 26, 2011

End users are becoming more aware they need a security solution these days, but the problem is they need to be able to sit down and to focus on their main priorities.

That was the message Tuesday during the ABB Automation and Power World 2011 work session in Orlando, FL, hosted by Wurldtech Vice President of Business Development Tyler Williams and Dr. Ragnar Schierholz, principal scientist at ABB, during their talk entitled, “Cyber Security: Buying a Pig in a Poke? How to get the security you need.”

When it comes to security users can’t rely on suppliers to understand what makes their individual system tick. Rather, users need to figure out their main priorities and the work off of that. In most cases the idea of keeping the system up and running and as productive and profitable as possible remains the main focal point for any manufacturer. Anything that gets in the way of that will garner the attention of the executive suite.

The issue is a solution just doesn’t fall from the sky. What needs to happen is a group effort by end users to create a set of basic parameters for manufacturers to work from, Williams said.

“What we need is a community vision statement,” Williams said. “What are you trying to achieve? How is that going to impact my operations? You need to understand what you need to accomplish before you get started.”

Schierholz agreed. “Security is a moving target and you have t keep maintaining it over time,” he said. “The concerns we apply in a safety world now have to apply here as well.”

The idea behind naming the session “a pig in a poke” was because users should know what they are getting when they purchase a security system, Schierholz said. On a whole, right now users really don’t know what they need or want to protect.

That is also where the communication comes into play between end users, systems integrators and suppliers. If all parties are on the same page, then there should be smooth sailing, but if not, the user could be in for a rough ride because all agree threats are not going away.

“Security is a process,” Schierholz said. “Security is a shared responsibility.”