Almost two-thirds of companies responding to a new survey reported that they do not monitor for suspicious behaviour.
The study – sponsored by Honeywell – showed that industrial companies are not moving quickly to adopt cyber security measures to protect their data and operations, despite the number of attacks increasing around the world.
Conducted by LNS Research, the survey – ‘Putting Industrial Cyber Security at the Top of the CEO Agenda’ – polled 130 strategic decision-makers from industrial companies about their approach to the Industrial Internet of Things (IIoT), as well as their use of industrial cyber security technologies and practices.
It found that more than half of respondents reported working in an industrial facility that already has had a cyber security breach, while 45 per cent of the responding companies still do not have an accountable enterprise leader for cyber security.
The research also revealed that although many companies are conducting regular risk assessments, 20 per cent are not carrying them out at all.
Jeff Zindel, vice-president and general manager of Honeywell Industrial Cyber Security, said: “Decision-makers are more aware of threats and some progress has been made to address them, but this report reinforces that cyber security fundamentals haven’t been adopted by a significant portion of the industrial community.
“In order to take advantage of the tremendous benefits of industrial digital transformation and IIoT, companies must improve their cyber security defenses and adapt to the heightened threat landscape now.”
According to the study findings, industrial organisations should make cyber security part of digital transformation strategies. They should also aim to drive best practice adoption across people, processes and technology, from access controls to risk monitoring, as well as tap into external cyber expertise to fill gaps.
In addition, the study recommended that they focus on empowering leaders.