Industrial Cybersecurity Awareness Remains Low Among Manufacturers

The influx of IT solutions into the operational technology space highlights the need for security-by-design rather than security-by-default, finds Frost & Sullivan

Matej Morderc/iStock
Matej Morderc/iStock

Awareness toward industrial cybersecurity continues to remain low despite the increase in the number of high profile silent attacks, according to new analysis from Frost & Sullivan.

While traditional manufacturing industries were not designed with security in mind, the proliferation of networks and devices, disparate communication channels, and the use of off-the-shelf software has thrust cybersecurity into the spotlight.

Safety and security concerns associated with the high levels of connectivity and integration are surfacing as the concept of the Internet of Things (IoT) takes shape in the industrial networks and manufacturing plant floors. The alarming frequency of sophisticated and targeted advanced persistent threats has given further weight to the safety argument across both process and discrete industries.

The new report finds that the global cybersecurity market for control systems is expected to grow at an annual rate between 20 to 25 percent through 2021. North America and Europe will remain at the forefront of awareness and initiating technology advancements that address attacks from advanced persistent threats.

"Enterprises currently employ a broad, layered approach towards protecting cyber assets while industry organizations work on establishing suitable standards," said Frost & Sullivan Industrial Automation and Process Control Senior Research Analyst Sonia Francisco. "Partnerships among government, industry and research institutes will be vital in forming robust, industry-based standards that will speed up the development of comprehensive security management solutions."

READ ALSO: Honeywell Opens New Cybersecurity Research Lab To Combat Industrial Cyber Attacks

As the IoT concept transforms plant architecture, Frost & Sullivan says defense-by-default security strategies will give way to defense-by-design solutions. In-built security solutions that can sense, adapt, modify and respond to threats based on various ecosystem parameters will gain traction.

Creating industry- and application-specific solutions will also be crucial as information technology (IT) solutions continue to stream into the operational technology (OT) space. Solution providers in the IT and the OT ecosystems must join hands to deploy end-to-end cyber security solutions for industrial systems.

"Such extensive integration will require a new age workforce with both IT and OT expertise," noted Francisco. "Cybersecurity service providers can provide training and change management solutions that will bridge the knowledge gap."

As a majority of industries upgrade to smart systems and processes, industrial cybersecurity will soon make the inevitable shift from a reactive operating model to a proactive design philosophy.

For more on Frost & Sullivan’s report, The Safety-Security Argument: Expanding Needs in a Connected Enterprise, click here.

More in Process Control & Automation