Unfortunately, it is not something that we are accustomed to in these latitudes; but, undoubtedly, if there is a clear and sharp expression of good governance in an organization it is that which, if necessary, results in genuine accountability. For sure, you recall that from this column -we have not done it for a while; but give it time- we have quoted some notable cases of accountability, embodied in resignations of presidents and CEOs (perhaps not all of them fruit of sincerity or conviction; but simply forced by circumstances or by a board of directors who has acted as guarantor of the legitimate interests of their constituents). Anyway, all the cases have exemplified standard cyber consequences.
The fact is that we are facing a change of scenario: think, for example, in the oil sector. Until recently, the kind of problems any oil company faced -we keep our focus on accountability- usually had to do with incidents and, particularly, very serious accidents affecting people, assets and the environment; and lastly the company’s reputation (remember the cases of “Exxon Valdez”, “Prestige” or “Deepwater Horizon”). Today there is a series of new problems, derived from the growing use of IT at corporate level and OT in fields, rigs, ships, refineries and pipelines. Regarding the latter, I will come back other day to detail the Bellingham (Washington, USA) case.
Let me say just a couple of things: facts like those of Bellingham, or other similar cases, are, in general, a consequence of any kind of threat, both internal or external, born from an error, negligence, failure or, even, sabotage.
Facts like the ones lived in Bellingham come also to recall that the border between safety and security is becoming more and more blurring.
Today this comment has focused mainly in the oil sector; but others, like the healthcare industry, are not away from the same perils.
Deepen these and other topics in our weekly "Newsletter". Subscribe here and enjoy reading!