Deloitte Australia has a global reputation for being innovative, tech-driven and economically sound.
In today’s interconnected, digital world, it is critical to understand which technology can be taken advantage of safely, dependent on the desired outcome. Managing the ever-growing, constantly changing cyber risks is an inherent part of solving complex problems to improve infrastructure and performance and develop new capabilities across sectors. With a unique east-west orientation, Deloitte Australia is well located to help organisations explore the need for genuine digital growth.
For Brad Flanagan, Director of Digital and Cyber Risk at the business, developing a powerful ecosystem with new technologies and existing infrastructure while maintaining cyber security is the essence of digital transformation. In understanding the power of the Internet of Things (IoT), Deloitte Australia has already made headway in integrating smart tech into a range of sectors. Industrial control systems, operational technology, autonomous vehicles, mobile medical devices and smart cities are some of the areas Deloitte works in.
Working closely with global alliance partners, Flanagan explains how Deloitte is “using the clout of its global footprint to bring expertise and experience to the changing market in Australia. As IoT is being used to drive innovation and optimise operational performance, getting a proper handle on its ecosystem requires asset discovery, threat detection, and vulnerability assessment,” he says.
In the mining sector, which is prevalent in Flanagan’s city of Brisbane, asset management is a key area in which IoT is being used. He exemplifies a “mining truck, with its mechanical components that can be monitored and tracked through IoT. The wear-down rates of parts can be monitored to predict when vehicles need servicing — in the consulting world we call this ‘digital twinning.’ This means we can help reduce down-time and optimise production on the mining site significantly, saving hundreds of millions of dollars over a few years.”
Keeping pace with this ever-changing landscape in a secure, efficient and intelligent way is essential. Robotics, AI, IoT and blockchain developments are all driving change, but the main hurdle is typically summarised in one question: ‘Where do we start?’ “Looking at the traditional landscape we have in many sectors, the infrastructure was created at least 20 years ago, before our internet-age and today’s data-based economy. The ability to connect efficiently, responsibly and effectively is compromised,” Flanagan explains.
To manage the lakes of data at the pace needed in order to meet customer requirements, and to do so in their best interests, in Australia’s well-regulated business environment demands digitisation and digital transformation. Industries such as financial services have led the way. They have built their AI radars over the last few years, supported by economic growth and pushed by existing legal regulations, royal commissions and a clearer understanding of the importance of getting the internal focus right.
Other sectors can now use the value of this learning to ensure their organisations’ digital transformations are undertaken in a safe and secure way. In Australia, Deloitte has been at the forefront of that journey with them from the very beginning.
As sectors with more traditional approaches to operations are beginning to bring high technology into effective action, a lack of integrated security can be a risk. Operational technology (OT) and IT security processes are different, and require unique risk management strategies.
To be better integrated, understood and rationalised, and to achieve a solid unified view of the risks, means that vulnerabilities in OT and IT need to be consolidated and assessed as a whole, to avoid the potentially catastrophic consequences of a breach or crash.
Before IoT, a crash in IT might mean an email server drops out for a few seconds and emails take a little longer to be delivered. A nuisance, certainly — but not inherently dangerous. As industries integrate IT into operational functions, however, a server breach or drop in connection can have dire consequences. “We have some energy clients that can control electricity on certain power poles,” Flanagan explains. “If there were a delayed reaction of even a couple of seconds where a person physically touched that power line, and the current stays running, that delay could cost somebody’s life.”
It is essential, therefore, that business risks get translated into security risks, both technical and non-technical. A culture shift needs to be a top priority for companies wishing to integrate IoT, robotics, AI, or any high tech into their industry, Flanagan explains. “The biggest cultural shift has really been workers in IT and OT educating the boards, explaining what OT is, how it is different to IT, and how the organisation can navigate through the different risks as they combine the two through IoT,” he says.
In most cases, the key performance indicators measured differ between OT, which is focused on production and safety, and IT, which is all about availability. A shift in culture and approach will find “the important common ground to enable in-house relationships and sustainable co-operation,” Flanagan states. Companies can work with IT and OT engineers to co-develop security architecture blueprints for existing and new production sites which serve both sectors adequately.
As digital becomes the new normal, companies that thrive in the constantly shifting environment are the ones collaborating with world-leading technology providers. Quality partnerships are integral to address complex operational and business challenges, meeting new market needs.
“Getting technology stacks right and making the best use of AI and data can make the difference between catching up or keeping up, and genuinely transforming to a meet an ever expanding and demanding digital future,” Flanagan says.
As it orchestrates complex operations involving multiple teams, Deloitte works with a significant number of global alliances. These include security firms that identify blind spots for enterprises by bringing visibility and control over all devices and networks, both managed and unmanaged, to help to close critical security gaps.
“Organisations can no longer afford to keep IT and OT separate,” Flanagan concludes. “They must invest in the business opportunities and solutions available to them in this expanding ecosystem to at the top of their game, which they can only do with the best vendors, security providers, and technical solutions.”