The report reinforces that cyber-security fundamentals haven’t been adopted by a significant portion of the industrial community even as cyber-attacks have grown.
The survey, ‘Putting Industrial Cyber Security at the Top of the CEO Agenda’ was released on December 8 and was conducted by LNS Research. Sponsored by Honeywell, the survey found that almost two-thirds of surveyed companies don’t monitor for suspicious behavior even as cyber-attacks have grown around the globe.
A number of industrial companies are not moving quickly to adopt cyber security measures to protect their data and operations as the survey polled 130 strategic decision makers from industrial companies about their approach to the Industrial Internet of Things (IIoT), and their use of industrial cyber security technologies and practices.
The findings were alarming. More than half of respondents reported working in an industrial facility that already has had a cyber-security breach while 45% of the responding companies still do not have an enterprise leader who is accountable for cyber security. Only 37% are monitoring for suspicious behavior and although many companies are conducting regular risk assessments, 20% are not doing them at all.
“Decision makers are more aware of threats and some progress has been made to address them, but this report reinforces that cyber security fundamentals haven’t been adopted by a significant portion of the industrial community,” said vice president and general manager, Honeywell Industrial Cyber Security, Jeff Zindel. “In order to take advantage of the tremendous benefits of industrial digital transformation and IIoT, companies must improve their cyber security defenses and adapt to the heightened threat landscape now.”
The study suggests these three immediate actions for any industrial organization to capture the value of the new technologies. One, making industrial cyber security part of digital transformation strategies; two, driving best practice adoption across people, processes and technology, from access controls to risk monitoring, and tap external cyber expertise to fill gaps. And finally, three, focusing on empowering leaders and building an organizational structure that breaks down the silos between IT and OT.
“Cyber security needs to be part of every CEO’s agenda to ensure the effective, immediate and long-term deployment of strategies and technologies such as IIoT,” said president and principal analyst, LNS Research, Matthew Littlefield. “In short, in order for a business to succeed on its digital transformation journey, it needs to succeed with industrial cyber security.”