Organisations worldwide place great emphasis on communication because of its impact on operational efficiency. Mission-critical tasks rely on clarity, concision and resilient communication to fulfil their day-to-day duties while making inroads towards bigger organisational objectives.
.jpg&h=420&w=748&c=0&s=0)
The Organisation for Economic Cooperation and Development (OECD) published a report stressing that communication has evolved from a supportive role to critical infrastructure, with organisations increasingly dependent on its availability. Modern enterprise IT, which leads the line against actors that threaten that connectivity, must therefore reconsider its security approaches.
As cyberthreats and physical breaches increasingly threaten enterprise digital infrastructure, resilient communications become even more important. IT leaders need to shift their strategy to protect assets, not because compromise could cause setbacks, but because attacks could have far-reaching social and economic implications.
Risks of compromised communications
The Australian government already acknowledges that disruptions to communications could have the same impact as other compromises to essential services. The Security of Critical Infrastructure Act (SOCI) lists the sector as an area that, if "destroyed, damaged or rendered unavailable," would affect the "social or economic well-being of the nation".
As a result, Australian organisations with interests in communications must comply with regulations that mandate enhanced security and incident response plans to mitigate the growing threat of attacks against such assets.
Enterprise IT teams are aware of the risks, considering how communication tools and assets now support almost every aspect of organisational operations from decision-making to crisis response, which is why SOCI considers them so vulnerable today.
Many of today's most widely used enterprise communications platforms were never designed with critical infrastructure-level protection in mind, ultimately posing the major risk of compromise. On the cybersecurity front, impersonation and malware distribution pose significant threats. An organisation's reliance on communication availability can pose a physical challenge in the event of sabotage in the server room or the cables.
These risks and threats to communications are no longer considered only cybersecurity threats but also concerns for operational resilience. More organisations are shifting their enterprise security systems towards a cyber-physical approach that not only helps comply with critical infrastructure regulations but also protects organisational integrity.
Growing organisations are adopting more artificial intelligence (AI) tools and digital assets to improve productivity and meet business targets, creating an ever-expanding digital ecosystem that is becoming increasingly complex. As enterprise IT teams integrate more communication assets to support the growing number of applications, they face an increasing number of security vulnerabilities, just as other critical infrastructure sectors do.
The World Economic Forum (WEF) published a paper that stresses the critical role of communication resilience and highlights steps organisations can take to modernise their digital infrastructure in the wake of the current threat landscape. The main takeaways are that integrating innovative technologies, responsible AI and crisis simulations can be fundamental to security efforts.
Recommendations follow measures used by other critical sectors, such as segmenting industrial operational technology networks to limit damage in the event of a system breach. Many organisations are also pushing the use of AI to help learn and adapt security measures as risks and threats against infrastructure rapidly evolve, improving detection and response capabilities.
While the risks of cyberattacks remain prevalent in communications, the WEF emphasises that physical facilities face increasing threats and more sophisticated attacks. Power supply and data centre disruptions are significant concerns for modern organisations. IT teams are implementing technologies such as advanced access control to enhance situational awareness and improve perimeter security for their critical communication assets.
Building resilience in enterprise IT
The digital tools enterprises have traditionally relied on for communication have developed into platforms that support day-to-day operations, making them company assets that, if compromised, could have far-reaching effects. That's why resilient communications are now considered critical infrastructure by governments, institutions and businesses worldwide.
Modern enterprise IT will need scalable solutions to address communications; as such, this must consider the vulnerabilities, regulatory compliance and growing threats that come with this importance. Teams must account for both cyber and physical risks, as malicious actors will continue to target critical assets to disrupt and damage them in pursuit of their causes.
IT leaders can build resilience through proactive measures, leveraging an integrated cyber-physical approach and innovative technologies to enhance detection and response. Such direction can build an effective strategy that aligns resilient communications with critical infrastructure status.
