Personal liability for CEOs

Business leaders to be accountable

According to Gartner, CEOs will be personally liable for cyber-physical security incidents by 2024. No longer just an IT-related issue, such incidents can rapidly escalate and cause physical harm to people and destruction of property. Analysts predict that they will increase sharply in future because of a lack of focus and spending in this area.

What is a cyber-physical system?

Gartner defines Cyber-physical Systems (CPSs) as those that are designed to "orchestrate sensing, computation, control, networking and analytics to interact with the physical world (including humans)".

Though often not factored into compliance or risk assessment, these systems have become pervasive and support many aspects of corporate and organisational infrastructure, including asset-intensive and critical systems such as clinical healthcare environments.

Issues in the digital world will increasingly affect the physical one because of the growing interdependency between the two. Compounding the problem, many such vulnerabilities exist in legacy environments that have been connected to enterprise networks by teams outside an organisation's core infrastructure function.

What can be done now?

It is recommended that business leaders establish a clear and demonstrable organisational culture of good governance and proactive compliance, together with the ability to assess and interpret risk effectively:

  • Provide a clear vision
  • Develop a consistent roadmap
  • Establish accountability

The complexity of regulations makes it challenging for organisations and administrators to formulate specific actions to meet compliance requirements, and it can be overwhelming to know where to start and what to implement. Executives are more likely to subscribe to a vision when it is laid out in non-technical terms; it is crucial to support business outcomes rather than just protecting critical systems.

It is imperative to have a data strategy and governance framework in place, as this will significantly improve an organisation's ability to analyse risk and produce actions and reporting as required. Improving the effectiveness of compliance and risk controls will best position any organisation to face an uncertain future of increasing challenges.

In the US, the FBI, NSA and Cybersecurity and Infrastructure Security Agency (CISA) have already increased the frequency and details provided around threats to critical infrastructure-related systems, most of which are owned by private industry. Soon, CEOs won’t be able to plead ignorance or retreat behind insurance policies.

Katell Thielemann, Research Vice President at Gartner