Industry reflection

It’s time to bring security assessments to the board table

Interview with Simo Pykälistö, President of Sectra Communications

While managing risks is a must, proactive security often gets forgotten. Sectra Communications—a company with over 40 years of experience in encryption, secure communications and monitoring of critical IT and OT systems—wants to change this by helping companies achieve balanced security.

Today, taking security work from a reactive to a proactive level is a must for operators in critical infrastructure, whose work processes are vital to society in many respects. But if this is to happen, the issue of security must be addressed at board meetings.

“For many years, security has not been seen as an issue for the board, which has resulted in the people who actually work with security not having the resources needed to take a proactive approach. Digitization and remote working are two of the areas undergoing the fastest development, and it is crucial for companies’ survival that they prioritize security work based on these needs,” says Simo Pykälistö, President of Sectra Communications.

To achieve this, security assessments must be incorporated into risk analysis. This means companies must review their IT and OT networks, and ask themselves, “How secure is everything we do?”

“If security assessments are brought to the board table, it will no longer be possible for management to ignore the issue. Companies will then be able to start securing the critical areas of their operations. It’s not possible to secure everything at once, but balanced security safeguards the continuity and efficiency of their operations, something that Sectra has helped with for a long time,” continues Simo Pykälistö.

 

Military background

Sectra Communications started its cybersecurity journey back in 1978 and has been providing the Swedish Armed Forces with solutions since an early stage. Today, Sectra’s systems are used in more than half of the EU member states, and for the past ten years, the company has helped critical infrastructure operators with the long-term management of security-related risks.

We have noticed that a growing number of companies are starting to realize that proper risk and security assessments need to be carried out on a regular basis. This development stems not only from new legal requirements, but also from increasing awareness as cyberattacks have become a greater problem and attracted more attention in society.

Simo Pykälistö

This article was originally published in Swedish Dagens Industri: Dags att lyfta säkerhetsanalysen vid styrelsebordet

Related reading

Related products