Praxair CIO: Create a Culture of Cybersecurity and Physical Security (CxOTalk)

The issues of security and support are central
to any enterprise software operation in any company you choose. I’m Michael Krigsman. I’m an industry analyst and the host of CXOTalk. Today, I’m delighted to welcome Earl Newsome,
the chief information officer of Praxair. Earl, please tell us about Praxair. Absolutely. We are a $12 billion industrial gas company. We basically bring the periodic table to life. We bring active gasses, inert gasses to our
customers for their utilization inside their manufacturing processes. When you think about security, what comes
to your mind initially? I think we’ve gone from a mode of 100% protection
where our goal is about protecting ourselves against every potential incident or potential
happening out there to one that’s more about having a defensible strategy. What is the connection between security and
support? Security is not just the job of IT or our
vendors. It’s actually the jobs of the board. It’s the jobs of our employees. It’s the jobs of everybody that we have employees. Security is everyone’s job. You get to establish your own level of currency
for your company. For us, N-2 is the right area. N-2 Strategy, what is that? N-2 is a strategy for currency. You’re at version 11 of something. The latest version that we allow in our operations
is version 9. That’s N-2. Then when you’re on version 9, you have to
make sure that you maintain the currency on the dot release. If it’s 9.3 is current, and you’re at 9.1,
you need to get to 9.3. Earl, it sounds like this defensible strategy
you’re describing has both a business/cultural set of dimensions along with technology pieces
and working with your vendors that you’re putting into place. It absolutely does. In fact, it’s essential to our culture. At Praxair, I talked about [how] we’re an
industrial gas company. Physical safety is a cornerstone to how we
operate and think as a company. We take safety very seriously. It’s embedded to everything that we do. I’m taking those same safety tenants, which
are part of our culture, and then appending our data safety elements to that. We have a series of principles that we use
to help drive safety throughout our organization, whether it’s data safety, cyber safety, or
physical safety, that’s now being built into everything that we do. What are the primary security and support
issues that you see? When you think about security and support,
what comes to your mind? What comes to my mind is training, awareness,
and preparation are part of your program because most of the issues that happen in security
happen on two legs, not on two wires. We need to do what’s necessary on the two
wires side on technology making sure that we have the right monitoring, detection, and
patching capabilities put in place, but we also need to make sure you’re testing those
folks, that you train them, you educate them, you test them, and then you repeat. Fantastic. Any closing thoughts? Absolutely. We think about safety [as] being not only
just a technology component but a people component. I think we, not only as corporations, can
play a role in that, but we as a society can play a role in that and keep everyone cyber
safe. I love it. Earl Newsome, Chief Information Officer at
Praxair, thank you so much for taking the time to speak with us today. Thank you, Michael.

Leave a Reply

Your email address will not be published. Required fields are marked *