https://arab.news/mkzb2
RIYADH: The notion that cybersecurity is limited to securing information technology has been labeled a misconception, according to a top official from Schneider Electric.
In an interview with Arab News during the Global Cybersecurity Forum in Riyadh, Abdulrahman Al-Musfir, regional head of the French multinational corporation’s cyber safety unit in the Middle East and Africa, emphasized that including operational technology is crucial for comprehensive cybersecurity.
“When we speak about cybersecurity, we need to differentiate between IT cybersecurity and OT cybersecurity. So, for IT security, we are protecting information, data. However, in the OT security, we are protecting the process. Whether it’s a power plant, whether it’s an oil and gas plant, whether it’s a manufacturing production line. All these are considered as operational technology or industrial control systems,” Al-Musfir said.
“At Schneider Electric, we manufacture and we conduct maintenance and services for these systems and solutions. And it is part of our duty as a digital company for producing these solutions to make sure that they are secure by design and secure by operations,” he added.
Al-Musfir explained that understanding securing systems and operation processes is critical when it comes to infrastructure and energy sectors.
“The theme of this forum is advancing collective action. And when we speak mainly about the critical infrastructure sector, including oil and gas, electricity, and water, for nations, this is one of the most sensitive sectors or industries that we have for any nation,” he said.
He highlighted that such sectors impact human safety and national economies. “For this critical infrastructure, we need to secure the full supply chain related to any systems, solutions for any automation that is part of this critical infrastructure,” he added.
According to Al-Musfir, establishing strong cybersecurity resilience requires full alignment between the producers of technology and its participants, such as end users in petrochemical companies, oil firms, and government entities.
He emphasized that government regulations must be implemented to enable the industry and secure it effectively.
“There must be a balance between innovation and security restrictions and control, and it is our role as a collective action to ensure that we put all these cybersecurity risk mitigations across the full value chain for this kind of industry or sector,” he said.
The GCF is scheduled to take place from Oct. 2-3 under the theme “Advancing Collective Action in Cyberspace,” with the goal of enhancing multi-stakeholder engagement and driving joint initiatives on key strategic priorities.