Industrial Firms Slow to Adopt Cybersecurity Measures: Honeywell

Industrial companies are slow to adopt cyber security capabilities and technology to protect their data and operations, according to a report released on Wednesday by industrial giant Honeywell.
A survey of 130 strategic decision makers from around the world revealed that more than half of industrial organizations have suffered a cybersecurity incident, including ones involving removable media, denial-of-service (DoS) attacks, malware, hackers breaking into plant IT systems, state-sponsored attacks, and direct attacks on control systems.
However, the study found that organizations underinvest in cybersecurity best practices in terms of people, processes and technology – three elements that need to work in harmony for an organizational culture that takes security seriously, Honeywell said.
Forty percent of respondents said they do have a cybersecurity chief in their organization and 15 percent plan on creating the role in the future. When it comes to having someone in charge of cybersecurity for manufacturing, only 35 percent of firms surveyed by Honeywell said they have someone in this role.
企业信息安全面临更猛烈冲击,移动化和个人化带来更多威胁,让企业网络的安全问题更为复杂。

As for cybersecurity processes, nearly half of organizations have an enterprise- and plant-wide IT account management policy, and 22 percent plan on implementing one within the next year. A similar percentage also has or plans on having a definitive list of connections to the plant and what data flows through them.
Only one-third of respondents said they continually monitor their systems for suspicious activity and one quarter claim they plan on implementing such measures within a year. On the other hand, roughly 70 percent of organizations conduct risk assessments at least once a year, and more than 60 percent test their firewalls at least yearly.
When it comes to adoption of cybersecurity technologies, the Honeywell study shows that many organizations still have a long way to go. A majority of companies only have a firewall between plant and business systems, and only less than one-third have implemented proper access control and authentication measures for devices in the plant.
While the industrial sector is typically slower to adopt new technologies compared to other sectors, many organizations either already have an initiative for digital transformation or they plan on having one within a year. As companies move towards the adoption of the Industrial Internet of Things (IIoT), the main technology pitfall is cyber security, Honeywell said.
The company has advised organizations to ensure that cybersecurity is on the CEO’s agenda. Security needs to be part of the digital transformation strategy, and organizations must focus on adopting best practices.
Honeywell’s complete report, titled “Putting Industrial Cyber Security at the Top of the CEO Agenda,” is available for download in PDF format.
网络安全法普法宣传 004《网络安全法》的突出亮点
Related: Non-Targeted Malware Hits 3,000 Industrial Sites a Year
Related: One-Third of Industrial Networks Connected to Internet
不要希望在灾难出现时,破坏份子会收敛行动,而恰恰相反,利用相关新闻事件的诈骗份子可会好好利用这个时机,组织在这个时候要加强员工计算机安全意识的培训,不要点击那些猎奇的小道消息来源链接及附件。

猜您喜欢

ACCA李志明:CFO们需坚持职业道德 正面应对数字时代挑战
保密第一课
网络安全法培训短片
美女教授颜宁落选中科院院士 大热门落选的还有谁
AMERICANEAGLE TIMBERLANEPETHOSPITAL
网络安全知识宣传活动防范来自竞争者的高级持续性威胁