Tracking Cybersecurity Progress at Industrial Companies

Although cybersecurity has become a priority at many manufacturing companies, risks have increased at the same time.
To better understand how companies are addressing heightened risks, Manufacturers Alliance and Fortinet partnered to study the strategies companies are using to cope with the new threat landscape, the state of collaboration between IT and operational technology, the tactics that have promise, and the barriers to progress.
Building on a related 2020 study, the 2023 study shows where companies have made progress and where they may have stalled over the last three years.
For an increasing number of companies, the risk of cyberattacks has moved from theoretical to real, so it shouldn't be a surprise that more manufacturers are focusing on cybersecurity now.
In the past few years, companies in multiple industries have been targeted with high-profile attacks on food processing, consumer packaged goods, and energy companies.
Manufacturers identified extortion through ransomware as their top concern, and 36% fell victim to a ransomware attack last year, up significantly from the 23% in the 2020 survey.
For equipment already in place, regular audits and assessments are critical elements in the cybersecurity equation.
Manufacturers are increasing their efforts, with 48% of survey respondents saying that they have conducted audits or assessments related to OT security within the past six months, up from 44% in 2020.
Many manufacturers are also taking a closer look at third-party vendors and service providers, such as system integrators, machine builders, and automation suppliers.
The majority of companies indicate that they require third parties to undergo comprehensive assessment and management.
The rest of the companies say their assessments and management are partial, limited, or non-existent.
Patching a 20-year-old device may be difficult or impossible, and for many companies, incrementally addressing the issues surrounding legacy equipment is the only way to make progress.
The lack of skilled personnel is another issue many companies face.
The cybersecurity talent shortage is making it harder to fill open OT security positions, which can lead to team burnout and increased overall risk.
When asked if they expect to have the right talent in place to address OT cybersecurity risks within the next three years, 22% of respondents said they are not confident, marking a slight deterioration since the 2020 survey.
Although communication between IT and OT is critical, many manufacturers are struggling with IT/OT collaboration in the aftermath of a breach.
Ineffective communication between IT and OT was ranked as a barrier to effective breach response by 82% of the companies surveyed.
As manufacturers evaluate how to blend new technologies for competitive growth, they must also build security into their plans and look at ways to facilitate IT/OT collaboration.
The reality is that even though manufacturers have made progress over the past few years, they may not be moving fast enough to stay ahead of OT threats.
Read the full report to find out how manufacturers can incorporate cybersecurity into their modernization plans.


This Cyber News was published on feeds.fortinet.com. Publication date: Wed, 06 Dec 2023 16:43:05 +0000


Cyber News related to Tracking Cybersecurity Progress at Industrial Companies

Tracking Cybersecurity Progress at Industrial Companies - Although cybersecurity has become a priority at many manufacturing companies, risks have increased at the same time. To better understand how companies are addressing heightened risks, Manufacturers Alliance and Fortinet partnered to study the ...
11 months ago Feeds.fortinet.com
Understanding the New SEC Rules for Disclosing Cybersecurity Incidents - The U.S. Securities and Exchange Commission recently announced its new rules for public companies regarding cybersecurity risk management, strategy, governance, and incident exposure. "Currently, many public companies provide cybersecurity disclosure ...
11 months ago Feeds.dzone.com
SecurityWeek Analysis: Over 450 Cybersecurity M&A Deals Announced in 2022 - MSSPs took the lead in cybersecurity M&A in 2022 with twice as many deals as in 2021. An analysis conducted by SecurityWeek shows that more than 450 cybersecurity-related mergers and acquisitions were announced in 2022. In 2022, we tracked a total of ...
1 year ago Securityweek.com
Growing threats outpace cybersecurity workforce - The cybersecurity skills shortage threatens the well-being and even survival of numerous businesses as cybersecurity threats grow more numerous, sophisticated, and dangerous to the point that cybersecurity groups have vowed not to pay ransom demands. ...
9 months ago Legal.thomsonreuters.com
Cyber Employment 2024: Sky-High Expectations Fail Businesses & Job Seekers - Well-publicized estimates of a massive shortfall in cybersecurity workers have resulted in high expectations among job seekers in the field, but the reality often falls flat, because of a mismatch between companies' requirements and job seekers' ...
10 months ago Darkreading.com
Fortinet Contributes to World Economic Forum's Strategic Cybersecurity Talent Framework - Shining a light on the cybersecurity workforce challenge, the World Economic Forum recently published its Strategic Cybersecurity Talent Framework, which is intended to serve as a reference for public and private decision-makers concerned by the ...
5 months ago Feeds.fortinet.com
Student Cybersecurity Clubs: Fostering Online Safety - Student cybersecurity clubs are playing a crucial role in promoting online safety among students. Student cybersecurity clubs play a vital role in this regard, as they provide a platform for students to learn about the latest threats, share best ...
10 months ago Securityzap.com
Ransomware, Data Breaches Inundate OT & Industrial Sector - Three-quarters of industrial firms suffered a ransomware attack in the past year, with far more compromises affecting operational technology than ever before - representing a surge in attacks driven by both the industrial sector's vulnerability and ...
11 months ago Darkreading.com
MoveIt Transfer vulnerability targeted amid disclosure drama - Another vulnerability in Progress Software's MoveIt Transfer product is under attack amid an apparent leak of flaw. In security alerts published on Tuesday, Progress detailed two critical improper authentication vulnerabilities, one tracked as ...
4 months ago Techtarget.com
Recapping Cisco industrial IoT's journey: A year of security, simplification and innovation - In this blog, we'll take a look back at the key topics and trends that defined the industrial IoT journey in 2023. Empowering our industrial customers to digitize and secure operations at the same time has been prevalent in every conversation this ...
10 months ago Feedpress.me
How to become a cybersecurity architect - Cybersecurity architects implement and maintain a comprehensive cybersecurity framework to protect their company's digital assets. The cybersecurity architect position is a fundamental role that all organizations need, said Lester Nichols, director ...
4 months ago Techtarget.com
Cybersecurity Curriculum Development Tips for Schools - With the constant threat of cyber attacks, schools must prioritize the development of a robust cybersecurity curriculum to equip students with the necessary skills and knowledge. This article provides valuable insights and tips for schools aiming to ...
10 months ago Securityzap.com
The Importance of Cybersecurity Education in Schools - Cybersecurity education equips students with the knowledge and skills needed to protect themselves and others from cyber threats. Cybersecurity education can teach students about the impact of cyberbullying, how to prevent it, and how to respond ...
10 months ago Securityzap.com
Cybersecurity Workforce Sustainability has a Problem. DEI Could be the Solution. - That's particularly true in cybersecurity, where it's increasingly difficult for organizations to fill critical roles during a worsening global talent shortage. There were more than four million unfilled cybersecurity jobs at the end of 2023. While ...
4 months ago Securityboulevard.com
Cybersecurity funding in 2024: Survival of the financially fittest - Attacker tactics, techniques, and procedures always evolve, which means companies will need new cybersecurity tools with improved capabilities. Cybersecurity startups raised massive rounds of funding with sometimes exorbitant valuations. ...
10 months ago Scmagazine.com
Key cybersecurity skills gap statistics you should be aware of - As the sophistication and frequency of cyber threats continue to escalate, the demand for skilled cybersecurity professionals has never been bigger. The skills gap is not merely a statistical discrepancy; it represents a substantial vulnerability in ...
10 months ago Helpnetsecurity.com
Digital Learning Tools for Cybersecurity Education - In the field of cybersecurity education, digital learning tools have become indispensable. This article explores various digital learning tools tailored specifically to cybersecurity education. These digital learning tools play a crucial role in ...
10 months ago Securityzap.com
What the cybersecurity workforce can expect in 2024 - For cybersecurity professionals, 2023 was a mixed bag of opportunities and concerns. The good news is that the number of people in cybersecurity jobs has reached its highest number ever: 5.5 million, according to the 2023 ISC2 Global Workforce Study. ...
10 months ago Securityintelligence.com
Cybersecurity Training for Business Leaders - This article explores the significance of cybersecurity training for business leaders and its crucial role in establishing a secure and resilient business environment. By examining the key components of effective training programs and the ...
9 months ago Securityzap.com
How to Avoid Falling Below the Cybersecurity Poverty Line - The security poverty line broadly defines a divide between the organizations that have the means and resources to achieve and maintain mature security postures to protect data, and those that do not. It was first coined by cybersecurity expert Wendy ...
1 year ago Csoonline.com
Kaspersky Unveils New Flagship Product Line for Business, Kaspersky Next - PRESS RELEASE. Woburn, MA - April 16, 2024 - Today Kaspersky introduced its new flagship product line, Kaspersky Next, combining robust endpoint protection with the transparency and speed of EDR, alongside the visibility and powerful tools of XDR. ...
6 months ago Darkreading.com
Gamification in Cybersecurity Education - Gamification has become increasingly prevalent in numerous domains, including cybersecurity education. Gamification presents a promising approach to meet this challenge, making cybersecurity education both effective and enjoyable. One way to ...
10 months ago Securityzap.com
Developing Cybersecurity Awareness Programs for Schools - Schools are increasingly becoming targets for cyberattacks, necessitating the development of robust cybersecurity awareness programs. Ultimately, a comprehensive cybersecurity awareness program is essential for schools to mitigate risks, enhance ...
10 months ago Securityzap.com
What is the NIST Cybersecurity Framework? Definition from SearchSecurity - The NIST Cybersecurity Framework provides guidance on how to manage and reduce IT infrastructure security risk. NIST created the CSF to help private sector organizations in the United States develop a roadmap for critical infrastructure ...
9 months ago Techtarget.com
Microsoft SFI progress report elicits cautious optimism | TechTarget - "After a year, it looks like Microsoft has made some smart and substantive initial progress in elevating security across the whole organization: investment in security-focused head count, inclusion of security into performance reports across the ...
1 month ago Techtarget.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)