Industrial Businesses Know They Need More Cybersecurity; Don't Do Much About It

According to a recent survey by independent research organization Ponemon Institute and Unisys, industrial cybersecurity is a lot like diet and exercise. Most of us know we should do a lot more of it than we do—but we don't.   

The study, "Critical Infrastructure: Security Preparedness and Maturity," found big security gaps in the world's critical infrastructure organizations that could impact their ability to prevent devastating attacks to disrupt power generation and other critical functions. The study surveyed 599 global IT and IT security executives at utility, oil and gas, alternate energy and manufacturing organizations in 13 countries from April to May 2014. These industries have become high-risk targets for cybersecurity incidents.

According to the survey, only 17% of companies represented in the research self-reported that most of their IT security program activities are deployed. Fifty percent say either that their IT security activities haven't been defined or deployed (7%), or they've defined activities, but they're only partially deployed (43%). Only 28% of respondents agree that security is one of the top five strategic priorities across the enterprise. At the same time, 57% of respondents agree that cyber threats put industrial control systems and SCADA at greater risk. Ten percent more (67%) say their companies have had at least one security compromise that led to the loss of confidential information or disruption to operations over the past 12 months.

So what are companies waiting for?

Reasons cover everything from lack of knowledge about threat severity to worry about the cost-effectiveness of remedial efforts and the effect they might have on uptime. A full one-third of those surveyed reported they were unaware of the potential vulnerabilities in their ICS/SCADA environment, and another 19% said they were unsure about the degree of threat.

The perception that much of their corporate network is out of the control of those responsible for security is another factor. Sixty-eight percent said that up to a quarter of their network components, including third-party endpoints such as smartphones and home computers, are outside the direct control of their organization's security operations. Another 30% estimate that between one-quarter and three-quarters of their networks are out of their control.  

Finally, there's that "is-it-worth-it" factor. When asked whether they were confident they could upgrade legacy systems to improve security while maintaining operation functionality and cost-effectiveness, more than half said they were not very confident or unsure.

The complete report is available at


More News:

  • New Customer Care Center for Endress+Hauser

    To help customers keep up with today's challenges, Endress+Hauser's new, state-of-the-art Customer Center is suited to greet visitors with a top-notch certified training facility with multiple classrooms and its largest yet PTU controlled by Rockwell Automation's PlantPAx system for real-world process simulation with over 120 measuring points.

  • The Rise of Aluminum in the Industrial Sector

    It is not just price that makes aluminum appealing when put alongside copper in the production of items like electrical wires and cables, though.

  • Maverick Acquires CQS Innovation Expanding Process Expertise in the Life Sciences Industry

    The acquisition expands Maverick's size and scale as a global organization with 19 office locations and 500+ engineering professionals. In addition, Chris Roerig, current president of CQS Innovation, will join Maverick as industry manager for life sciences.

  • ISA Offers Cybersecurity Certificate Program

    The program consists of passing a course on using the ANSI/ISA-62443 standards to secure industrial control systems. The course is available in the classroom or online. Students must also pass a written exam in the classroom or online.

  • Fieldbus Groups 'Unite'

    The combined power of both organizations will aim to protect the investments that end users in process automation have made in HART and Foundation fieldbus communication technologies.

  • Guess Who Just Turned 125 Years Old?

    ABB recently celebrated its 125th anniversary in Finland.

  • Pepperl+Fuchs' New 5500 Type Z/ Ex Pz Smart Purge System

    Pepperl+Fuchs' New 5500 Type Z/Ex Pz Purge System is Designed to Help OEMs, Panel Builders and Just About Anyone Dealing With Haz-loc Areas by Making this Type of System Easy to Implement

  • WEG Electric Introduces the CFW500 Machinery Drive

    WEG's engineers specifically designed this new drive with increased features that focus on the machinery manufacturer's needs. It is simple, efficient, flexible and can be commissioned quickly and easily.

  • Manufacturing Technology Orders Down in May 2014

    Expectations for the 2014 manufacturing technology market were for a soft first half of the year, followed by a stronger second half. The fluctuations seen in the past few months are on track with forecasts, and all indications are that U.S. manufacturing activity is and will remain strong

  • Fast 2014 Start for NA Robotics

    A record 14,135 robots, valued at $788 million were ordered from North American robotics companies in the first half of 2014, an increase of 30% in units and 16% in revenue over the same period in 2013.

All news »

What are your comments?

You cannot post comments until you have logged in. Login Here.


No one has commented on this page yet.

RSS feed for comments on this page | RSS feed for all comments