In spite of the mounting threat, almost half of manufacturers don’t yet prioritize cybersecurity, according to a survey by France-based consulting firm Capgemini. While 51% of industrial companies say they expect the number of cyberattacks on their smart factories to rise over the next 12 months, 47% said that cybersecurity in smart factories was not a C-level concern.
“Unless this is made a board-level priority, it will be difficult for organizations to overcome these challenges, educate their employees and vendors, and streamline communication between cybersecurity teams and the C-suite," Geert van der Linden, cybersecurity business lead at Capgemini, said in a statement.
Better communication between the information technology department and C-suite executives can help keep cybersecurity threats from slipping through the cracks, according to a World Economic Forum blog post. “Cybercriminals are generally successful not because their attack methods are so sophisticated that they fool security solutions, but because of fundamental corporate security issues that remain unaddressed,” KnowBe4’s Javvad Malik writes. Such issues range from end-users falling for phishing emails to wider procedural flaws.
IT pros, Malik suggests, need to better understand business strategy and objectives so they can then educate board members about why cybersecurity is strategically important.
Similarly, participants at a private equity cybersecurity roundtable event organized by NCC Group recently stressed the need for “collaboration and education” at a governance level, particularly relating to third-party or supply chain risk, according to a blog post from the IT security firm. Other recommendations included due diligence around data risk and seizing the opportunity for companies to reevaluate their cyber strategies.
In the future, companies may find ways to make their cybersecurity procedures more streamlined. Amit Bareket, co-founder and CEO of Perimeter 81, tells BankInfoSecurity, “We did a survey, and we found that organizations on average have more than 15 different security solutions that they’re implementing … this drives alert fatigue.”