Survey shows low adoption of industrial cybersecurity measures
Almost two-thirds of surveyed companies don’t monitor for suspicious behaviour
December 6, 2017 by Honeywell
Dec. 6, 2017 – Honeywell today released a new study showing industrial companies are not moving quickly to adopt cybersecurity measures to protect their data and operations, even as attacks have increased around the globe.
The survey, Putting Industrial Cyber Security at the Top of the CEO Agenda, was conducted by LNS Research and sponsored by Honeywell. It polled 130 strategic decision makers from industrial companies about their approach to the Industrial Internet of Things (IIoT), and their use of industrial cybersecurity technologies and practices.
Some finding highlights:
• More than half of respondents reported working in an industrial facility that already has had a cybersecurity breach.
• Forty-five per cent of the responding companies still do not have an accountable enterprise leader for cybersecurity.
• Only 37 per cent are monitoring for suspicious behaviour.
• Although many companies are conducting regular risk assessments, 20 per cent are not doing them at all.
“Decision makers are more aware of threats and some progress has been made to address them, but this report reinforces that cyber security fundamentals haven’t been adopted by a significant portion of the industrial community,” said Jeff Zindel, vice president and general manager, Honeywell Industrial Cyber Security. “In order to take advantage of the tremendous benefits of industrial digital transformation and IIoT, companies must improve their cybersecurity defences and adapt to the heightened threat landscape now.”
The study suggests these three immediate actions for any industrial organization to capture the value of the new technologies:
1. Making industrial cybersecurity part of digital transformation strategies;
2. Driving best practice adoption across people, processes and technology, from access controls to risk monitoring, and tap external cyber expertise to fill gaps
3. Focusing on empowering leaders and building an organizational structure that breaks down the silos between IT and OT.
“Cybersecurity needs to be part of every CEO’s agenda to ensure the effective, immediate and long-term deployment of strategies and technologies such as IIoT,” said Matthew Littlefield, president and principal analyst, LNS Research. “In short, in order for a business to succeed on its digital transformation journey, it needs to succeed with industrial cybersecurity.”