Industrial firms fail to adopt basic security measures against hackers

Despite constant data breaches, compromises, and the expensive damage control which follows, the majority of industrial enterprises are failing to protect their businesses according to a new survey.
On Wednesday, US conglomerate Honeywell released new research into the state of security in the industrial sector.
Titled, “Putting Industrial Cyber Security at the Top of the CEO Agenda,” an in-depth poll of 130 industrial companies revealed that almost two-thirds of those surveyed — a total of 63 percent — admitted they do not monitor for suspicious behavior, and 45 percent do not even have a cybersecurity expert or manager in place.
Despite over half of these companies, 53 percent in total, reporting that they have already been the victim of at least one cybersecurity breach, 20 percent still do not conduct regular risk assessments.In addition, 25 percent of those surveyed said they never conducted penetration testing, while 13 percent said this practice — which can discover holes in network security before attackers do — occurs less than once every 12 months.
The industrial Internet of Things (IIoT), through the use of sensors, Internet of Things (IoT) devices, embedded connectivity in control components and data analytics, can vastly improve industrial processes.
However, the more connectivity you introduce into a network, the more opportunities there may be for cyberattackers to infiltrate such systems. Together with long upgrade cycles commonly found in industry, businesses may be setting themselves up for a cybersecurity incident.
In June this year, Honda was forced to stop production at a manufacturing plant after WannaCry struck internal systems and barely a week later, employees were locked out of Chernobyl’s radiation monitoring systems due to a successful Petya ransomware campaign.
It is up to other industrial businesses to learn from these examples and tighten up their own controls to prevent becoming a fresh victim of cybercriminals in the future.
“Decision makers are more aware of threats and some progress has been made to address them, but this report reinforces that cybersecurity fundamentals haven’t been adopted by a significant portion of the industrial community,” said Jeff Zindel, vice president and general manager of Honeywell Industrial Cyber Security for Critical Infrastructure & IIoT. “In order to take advantage of the tremendous benefits of industrial digital transformation and IIoT, companies must improve their cybersecurity defenses and adapt to the heightened threat landscape now.”

See also: Harnessing IoT in the enterprise
According to Honeywell, industrial companies need to take security far more seriously if they are going to lower the risk of successful cyberattacks.
As part of this process, firms should drive best practice adoption across their staff and systems; make industrial cybersecurity part of the discussion in business transformation, instill security at every point in the product cycle and focus on building a structure which brings security solutions and industrial operations together.
The 10 step guide to using Tor to protect…
更新终端计算设备的系统和应用软件已经成为一种基本的生存技能,而关注新使用的系统的安全更新问题也是很必要的安全觉悟。
SEE FULL GALLERY
1 – 5 of 10
NEXT
PREV
腾讯副总裁江阳:社交网络是普惠金融最佳载体
More security news
US says it doesn’t need secret court’s approval to ask for encryption backdoors
A giant botnet behind one million malware attacks a month just got shut down
A popular virtual keyboard app leaks 31 million users’ personal data
Android security alert: Google’s latest bulletin warns of 47 bugs, 10 critical
Previous and related coverageQualcomm: Mesh networking is the future of smart homes These four big trends are driving the robotics industry Now, hackers are targeting internet-connected industrial robots
Related Topics:
Security TV
Data Management
鉴于网络攻击日趋严重的威胁,以及对国家安全的影响,企业领导人清楚自己在管理和披露信息安全风险方面的责任是非常重要的。

猜您喜欢

Frost & Sullivan授予Arbor Networks 2017年度DDoS缓解产品市场领先…
来自互联网公司的真实商业间谍案例让企业安全管理人员无法轻松
Security-Frontline-安全前线
社科院建议2018年将房产税纳入立法议程
THEAPOSITION CHEAPERTHANDIRTGUNS
网络安全应急资源调度平台