“Paranoia” normally means taking on exaggerated and imaginary importance, typically associated with the actions of so-called hidden enemies. But in the case of R&I, the importance of the function is not imaginary, and hidden cyber enemies do exist. This article indicates three main reasons for R&I departments to cultivate a healthy form of cyber paranoia.
Reason #1: The R&I function is a major focus
R&I services house the intellectual assets that contribute significantly to the future value creation capabilities of industrial companies. After being imbued with the basic notions of cybersecurity, the first cyber reflex of an R&I Director must be to map the information assets to be secured as a priority, according to Olivier Kempf, Fellow Presans, specialist in cybersecurity and cyber strategy. It is not possible to secure everything 100%, but it is necessary to harden the information systems in which the company’s future added value is to be found.
On this point, we should not get the wrong category. It is not property law that protects against the risks of espionage. What protects and guarantees future revenues from the valuation of intellectual assets is first and foremost cybersecurity performance. A point to keep in mind when it comes to defending a cybersecurity budget for the R&I function.
Reason #2: New technologies will increase cybersecurity risks
With the strong growth of confinement-induced videoconferencing, cybersecurity risks have recently exploded. But the number of attack surfaces will continue to grow in the future, due to the general technological trend towards more connection and digital smartification of the world. Connected objects, 5G, additive manufacturing, smart materials: it is possible that unconnected industrial assets are increasingly appearing as islands threatened by the rising water level of the universal ocean of connected objects. Do you also feel a growing feeling of cyber paranoia?
Reason #3: We increasingly live in a world of open organizations
An increasingly connected world is one where the boundaries between organizations risk becoming blurred. This issue directly concerns R&I functions and should even be a key focus for the R&I organization of the future. Cyberparanoia should not lead to questioning the benefits of the open organization.
A bit of cyber-paranoia today wouldn’t hurt, because the current cybersecurity problems will most likely become even more serious in the future. But paranoia is not enough to build a cybersecurity system. Indeed the latter requires what paranoia tends to exclude: trust in the members of that system1.