Biggest Challenges For A Senior Cybersecurity Analyst At Aleta Technologies
Ian's biggest challenge as a Senior Cybersecurity Analyst involves bridging the gap between government regulations and private industry priorities regarding industrial control systems (ICS) security, describing this as "a spirited discussion" needing more funding and resources. A further hurdle is fostering collaboration between IT and OT professionals, overcoming "a big divide" and ingrained practices to integrate cybersecurity across both sectors, a process Ian notes is improving, albeit "at a glacial pace."
Cybersecurity, Industrial Control Systems, Government Regulations, Workforce Collaboration, Legacy Systems
Advizer Information
Name
Job Title
Company
Undergrad
Grad Programs
Majors
Industries
Job Functions
Traits
Ian Knutson
Senior Cybersecurity Analyst
Aleta Technologies Inc.
University of Arizona 2015
Western Governors University Masters of Science Cybersecurity and Information Assurance
Computer Science
Technology
Cyber Security and IT
Video Highlights
1. The challenge of balancing the need for increased cybersecurity in industrial control systems (ICS) with the resistance from private industry and government is a major hurdle. There's a push for better regulation and funding, but finding the right balance to avoid disruption is key.
2. The significant divide between IT and OT professionals in terms of understanding and collaborating on cybersecurity is a critical challenge. Overcoming this requires bridging the knowledge gap and fostering cooperation between the two groups.
3. The cybersecurity workforce needs to adapt to a more integrated IT/OT approach. The traditional separation of IT and OT careers is changing, creating opportunities for professionals who can bridge the gap and understand both systems. This is a growing area for employment and expertise.
Transcript
What is your biggest challenge in your current role?
My biggest challenge is in my niche, industrial control systems. This area has historically been overlooked, but now more resources are being allocated to help the industry improve its cyber posture.
The real challenge is getting funding and resources to the industry, along with regulations to enforce these improved cyber postures. This is crucial to mitigate vulnerabilities in legacy systems.
It's a spirited discussion between private industry and government. The government is hesitant to enforce too many regulations, while private industry often prefers to allocate funds elsewhere.
However, on a positive note, more information is becoming available. The White House has recently taken a strong stance on enforcing cybersecurity improvements within federal agencies.
We are moving in the right direction, but it has been a slow process, almost like a glacial pace. Improvements are happening, but sometimes they are not drastic, as that could be disruptive to industry.
Another significant challenge, based on my research, is the workforce, particularly in government and sometimes in industry. There's often a divide between IT and OT (Operational Technology).
Many individuals have worked for decades in either IT or OT. When trying to bring them together to improve security, especially for federal facilities, there's a significant divide and reluctance to bridge the gap.
This collaboration needs to include both IT and OT perspectives. Many people understand both systems well, but preconceived notions and the "this is how we've always done it" mentality create hurdles.
Getting the workforce to understand cybersecurity from both sides and integrate them is a major challenge. There is growing awareness of this issue, especially with the younger workforce.
Historically, there were only two paths: IT or OT. Now, we see more integration, with OT becoming a more prominent topic within IT. Industrial automation is a fascinating engineering subset that now incorporates cybersecurity controls.
Vendors are also starting to include secure technologies, such as encryption and password enforcement, along with network segmentation. However, their primary focus remains on operational functionality.
The challenge lies in getting these different groups to communicate and collaborate. This has been a significant hurdle in many organizations, especially in government.
Despite these challenges, the situation is slowly improving, albeit glacially. Progress is being made.