Skip to main content Skip to footer

Blog

Harnessing the power of digital twins in cybersecurity

5-minute read

September 8, 2022

Sometimes, all it takes is a single attack on a supply chain to sabotage an entire operation. For example, exploitation of critical processes in the manufacturing industry could derail the production of automotive parts. So how can Southeast Asian (SEA) organisations realistically prepare for such eventualities before they occur?

We are well into the age of Industry 4.0, and digital twinning is a powerful, dynamic tool in bridging physical and digital worlds – especially in the cybersecurity space. Accenture’s intelligent cyber digital twin platform (CyTwin), for instance, is capable of predicting the impact of cyber threats and testing mitigation plans. Its greatest strength is developing multiple what-if scenarios and simulate “drills” to counter them, without having to bring down the real infrastructure. For manufacturers, this means real-time risk mapping. 

Essentially, digital twins offer predictive adversarial detection. They are virtual simulations that function as a sandbox to test and innovate security solutions. This is where prediction meets precision.

Digital twinning can help with attacks such as ransomware, which is common in SEA. This ties in with a broader resilience conversation we are having with clients in the region: with digital twinning, the cyberworld is their oyster. Its cutting-edge ability to model imaginary scenarios to assess threats with unerring accuracy can help cybersecurity morph from a reactive form of defence to a proactive one. 

The digital twin advantage

1. A tailored solution for every need

The beauty of digital twinning is that it allows organisations to build virtual, specific versions of their online infrastructure to do predictive analysis that suits their needs. It is a bespoke way of adapting security to individual businesses.

The benefits are twofold. Companies can proactively devise countermeasures to fend off potential attacks and accurately calculate the costs of security as they scale. At the same time, those looking to introduce new systems or migrate into the cloud can tap digital twins to improve the approach by testing their feasibility through system applications and data design.

As part of a massive and ever-expanding economy, SEA companies should consider employing a practical solution that can address issues from a business standpoint as well as a security one without hassle.

2. More security automation

The war for security talent is one of the biggest vulnerabilities organisations worldwide are facing today. Those that are not spending the most money on retaining skilled people are losing them. In light of the current manpower crunch in the cybersecurity industry, automation has stepped up to fill the void. 

But many clients find it difficult to figure out how to automate their responses to threats, especially with fewer employees on the frontlines. Digital twinning mitigates this problem. 

It allows companies to swiftly pinpoint the weaknesses in their systems and focus on solving them with automation. For one thing, this prevents their security team from dealing with possible trouble in a haphazard, time-consuming way. This means maximising headcount efficiency to shore up defenses in places that require help most urgently first.

3. Nothing is left to chance

Currently, a lot of cybersecurity defenses are based on assumptions that a network is secure. But with a digital twin, you can determine whether it truly is.

The possibilities surrounding digital twinning are endless. Companies have free reign to experiment with their cyber defenses across all levels. Explode things inside the sandbox and make sure they can be contained. Even the most obscure what-if scenarios can be prepared for, ensuring that all grounds are covered.

The bottom line is this: with digital twinning, clients can get a headstart in their journey towards security and resilience.

The first steps

Leveraging digital twins is not an insignificant undertaking. But it is a necessary move to plug major cybersecurity gaps. For example, many companies focus on meeting compliance to fulfill regulations, but are not actively managing risk. This gives them a false sense of security.

Cyber hygiene is also another area most organisations slip up on as they neglect simple “household” work such as running patches to manage bugs in the system.

To that end, there are three steps that SEA companies can take with digital twins: Fortify, Extend, and Reinvent.

1. Fortify

This is the most practical step. Organisations can use digital twinning to highlight existing threats and take measures to mitigate them. The simulations can also assess whether the security costs provide a good return on investment (ROI), a key metric for every company. In SEA, this is where most clients would start from if they were to build a digital twin.

What this means in terms of practicality is that they will be able to align these costs to orchestrate conceivable scenarios to fortify. Then, by prioritising actions – because they already know the expenditure and where the attacks are going to be – they can zoom in on critical areas that are the most vulnerable.

2. Extend

Digital twins are not restricted to just people working on security. This is another pertinent way SEA companies can use digital twinning – to implement security holistically across the entire organisation, even in domains not traditionally linked to cybersecurity, like software development and research and development.

Similarly, these other nodes require users to calculate all possible threat paths. The greatest value of extending digital twins elsewhere in the enterprise is potentially discovering lapses in areas that are not typically under the security domain. In other words, it is a gateway to having more discussions about cybersecurity across the organisation.

3. Reinvent

Digital twinning can also be used to plan for the future. In today’s interconnected world, organisations do not operate alone, but work together in intricate ecosystems of collaborations.

This means that it is also equally important for companies to get a holistic, big-picture view of what is happening beyond their borders. Digital twinning can achieve this. A ‘Mirrored World’ can pave the way for an endless exploration of potential partnerships. It can also strengthen existing ones, with organisations able to share information and test ideas with each other on an unprecedented scale.

Of course, defence will not be compromised. Companies can take pre-emptive action with digital twinning. Modelling data flow is one example. By identifying the points where data is exchanged, partner organisations can take the necessary measures to reinforce security in these vulnerable areas. One way would be to ensure that the data is encrypted end-to-end. 

In a world where cyber threats are constantly evolving, digital twinning is the ideal tool to seize the initiative and reinforce resilience. It can also strengthen partnerships and provide companies with holistic overviews. This is a golden opportunity.  

END

WRITTEN BY

Mark du Plessis

Managing Director – Security Lead, Southeast Asia