At the INSIDER we’ve been saying this for years. The adoption of even basic cyber security actions in the industrial space is very low. Many companies believe that they are “pretty safe” because they are relatively obscure. But I recall a conversation with the head of IT of a regional potato chip company about 7 or 8 years ago: “I never thought anybody would cyber attack us. We make potato chips, for God’s sake.”
Honeywell, which has maintained a very high emphasis on cyber security in the industrial environment for over a decade now, sponsored a report by LNS Research on adoption of cyber security practices.
Here’s the press release with the study’s findings. All we can say is, “Wake up, people!”
The issue has gone beyond lack of knowledge. As Joy Ward, Spitzer and Boyes LLC’s director of research says, if you put together a good intellectual argument, and nobody is buying, you are looking at high emotional barriers. She recommends doing some serious qualitative research to determine what those barriers are, so that the intellectual argument can be adjusted and become effective.
Either that, or we need to prepare for a cyber disaster of enormous proportions.
HONEYWELL SURVEY SHOWS LOW ADOPTION OF INDUSTRIAL CYBER SECURITY MEASURES
Almost two thirds of surveyed companies don’t monitor for suspicious behavior
HOUSTON, December 6, 2017 – Honeywell (NYSE: HON) today released a new study showing industrial companies are not moving quickly to adopt cyber security measures to protect their data and operations, even as attacks have increased around the globe.
The survey – Putting Industrial Cyber Security at the Top of the CEO Agenda – was conducted by LNS Research and sponsored by Honeywell. It polled 130 strategic decision makers from industrial companies about their approach to the Industrial Internet of Things (IIoT), and their use of industrial cyber security technologies and practices. Among the findings were:
• More than half of respondents reported working in an industrial facility that already has had a cyber security breach.
• 45% of the responding companies still do not have an accountable enterprise leader for cyber security.
• Only 37% are monitoring for suspicious behavior.
• Although many companies are conducting regular risk assessments, 20% are not doing them at all.
“Decision makers are more aware of threats and some progress has been made to address them, but this report reinforces that cyber security fundamentals haven’t been adopted by a significant portion of the industrial community,” said Jeff Zindel, vice president and general manager, Honeywell Industrial Cyber Security. “In order to take advantage of the tremendous benefits of industrial digital transformation and IIoT, companies must improve their cyber security defenses and adapt to the heightened threat landscape now.”
The study suggests these three immediate actions for any industrial organization to capture the value of the new technologies:
1. Making industrial cyber security part of digital transformation strategies;
2. Driving best practice adoption across people, processes and technology, from access controls to risk monitoring, and tap external cyber expertise to fill gaps
3. Focusing on empowering leaders and building an organizational structure that breaks down the silos between IT and OT.
“Cyber security needs to be part of every CEO’s agenda to ensure the effective, immediate and long-term deployment of strategies and technologies such as IIoT,” said Matthew Littlefield, president and principal analyst, LNS Research. “In short, in order for a business to succeed on its digital transformation journey, it needs to succeed with industrial cyber security.”
LNS Research is a global leader in research and advisory for digital transformation of industry, delivering technology insights for business executives. Its analysts focus on identifying the metrics, leadership, business process, and technology capabilities effecting change.
Honeywell’s industrial cyber security technologies and expertise address many of the issues identified in the LNS Research study. For more information, please visit https://hwll.co/uhrgs and www.becybersecure.com.