The OT Security Academy

Cyber defense resources: Where we are and where we are headed

Written by Sigvart Voss Eriksen | November 9, 2023

As Omny's CEO, Sigvart Voss Eriksen spends his days thinking about how to protect basic services in society from a cyber attack. This is the core of Omny's mission - a mission that requires fresh thinking and the right technology team. 

There is no shortage of ominous cyber attack stories filling the news today. It paints a gloomy picture of the rapid escalation of cyber threat actors who are finding new and more advanced ways to breach the growing digital surface that spans industries. 

We live in a world that must now be constantly at-the-ready, especially when it comes to protecting the most critical functions of our society – from telecommunications to electricity to water. Services that are all-too-often taken for granted.  

“What’s happening in the world right now has been a wake up call for many players operating in heavy industry and critical infrastructure. The increasing geopolitical tension globally has elevated the cyber threat level, and we see that the supply of the basic services that keep society running is now being weaponized,” says Sigvart Voss Eriksen, CEO of Omny. 

It’s a situation that has placed a huge burden on the shoulders of governments, heavy industry, and operators of critical infrastructure. These players are no strangers to the idea of putting safety first, but for many, venturing into the world of cybersecurity can feel like a journey through foreign territory. We sat down with Eriksen (SVE) to dive deeper into his opinion of cyber experience in operational technology, or OT security.

The cyber defense resources available today are greater than any single criminal group. - Eriksen, CEO of Omny


What is the level of cybersecurity maturity that Omny sees among industrial companies?

SVE: The maturity level varies both within and between sectors. This is partly a function of the scarcity of cybersecurity resources who know operational technology (OT), and because for many, digitalization is still new and still happening, and they perhaps haven’t grappled with the fact that with the efficiency and advancements come a new set of challenges to be tackled.

You mention the lack of OT cybersecurity resources. Is this a challenge that Omny experiences?

SVE: It’s challenging, but we have a few things going in our favor at Omny. The first is that we are based in Norway. This is an industrial nation with a long oil and gas history and strong manufacturing roots, which gives us access to a unique pool of talent who understand the industry. But the lack of resources I mention is about more than just people. It’s about using technology to truly understand and manage your cyber risks– to know your assets, understand where you are vulnerable, and maintain a constant overview so that you both prevent attacks and mitigate damage when they do occur. The technology we are creating at Omny is exciting and has allowed for us to attract some amazing talent.  

Given that Omny is based in Norway, are the industrial operations in this region really that vulnerable to cyber-attack?

SVE: It’s easy to think that since we’re not in the middle of a war-torn region, we must be ok. But the reality is that the Nordics together are facing increasing cyber threats. According to the research report published by Google this year reviewing the Cyber Threat Landscape, NATO member countries have seen a 300% increase of cyber-attacks. Considering that Sweden and Finland have joined NATO, and that this region borders a country at war, and pair that with Norway, a major supplier of gas and electricity to Europe, you start to realize how vulnerable the Nordics have become.

How can industrial operators sleep at night with the ever mounting cyber threats?

SVE: Even with all the new and evolving threats and many vulnerabilities in operations, we are not defenseless. The cyber defense resources available today are greater than any single criminal group. That is the good news. But activating these resources requires organizations to take a proactive approach, to define cybersecurity strategies that cover their operational technology, and to use OT cybersecurity technology to its full potential, and scale it across the organization.

Is this something an industrial company can do on its own?

SVE: In the past, strategies around cybersecurity secrecy might have worked, but now transparency, openness and sharing are needed more than ever. We have to collaborate across large and small agencies, with policymakers, and across industry. We need to share the challenge faced, talk about the types of attacks experienced, and use that information to build and continually reinforce a robust defense. One company can’t do this alone. Our best defense in a cyber insecure world is a shared one.

Keep yourself ahead of the curve in industrial cybersecurity. Join our mailing list and keep yourself ahead of the OT cyber curve.