Interview with Alina Matyukhina

Ahead of the Global Cyber Conference, we have undertaken a series of interviews with some of our speakers featuring on stage in September.

Dr. Alina Matyukhina, Head of Cybersecurity at Siemens Smart Infrastructure Global HQ, Building Automation, was joining the panel discussion on “Security measures: How to balance acceptable risks against convenience while transforming digitally?” at the Global Cyber Conference 2022. Dr. Alina Matyukhina is responsible for ensuring that products for smart buildings and critical infrastructure meet the required cybersecurity level. She previously worked as a cybersecurity researcher at the Canadian Institute for Cybersecurity and EPFL.

We asked Alina three questions on cyber resilience and digital transformation. Check out her insights below.

The costs of cybersecurity failure constantly increase. Is this trend to continue forever and what is your best advice for companies to adequately protect their business? 

Cybersecurity plays an important role in the manufacturing process and will become an integral part of every future business strategy. As more technology enters the market, we need to ensure the protection of tomorrow’s business. 

Companies should include cybersecurity in the initial design of products. It is more cost-effective to address security early in the lifecycle of a product than it is to fix problems later. Security experts should perform threat and risk assessments throughout the lifecycle of the product, to identify and mitigate potential risks. This should start early in the product development process and should be repeated for every significant update. Before releasing a new product, companies should ask independent third-party organizations to test it for potential vulnerabilities.

Cyber security resilience has become the new holy grail for cyber risk management. What does cybersecurity resilience mean to you, and how can businesses achieve it? 

Any suspected incident should be treated as real until proven to be a false alarm. Every company needs a guide setting out how security incidents should be resolved in a timely manner, ensuring they’ve done everything possible to mitigate the risk of a breach. 

It is vital that companies are transparent about incidents, informing customers and other required stakeholders when they find vulnerabilities. In the event of a problem, corporate communications are as important as fixing the technical defect, because cyberattacks may damage a business’ reputation and erode the customer’s trust.

What are the key actions to empower secure digital transformation? 

People are at the heart of a successful and effective cybersecurity strategy. Investing in continuous training and awareness will help safeguard organizations against cyberattacks. Employees who are involved in security-related processes should be adequately trained, and there should be clear guidance about who to contact with internal questions or problems. 

Companies also need to share information and work together to keep each other updated on new threats as well as best practices.