Human negligence, cyber skills gaps and disinterested senior (C-Suite) executives are putting smart factories at increased risk for serious breaches, according to a Capgemini study. The global consultancy collected responses from cybersecurity leaders in 950 organizations to compile its report Smart & Secure: Why smart factories need to prioritize cybersecurity.
The study reveals that while more than half (51%) of respondents predicted that the number of smart factory attacks would increase over the next 12 months, a similar number (47%) said security is not a concern for C-Suite executives. in organizations.
This kind of disconnect between business and cybersecurity leaders is common across industries. In a survey published last month, 54% of UK and US CISOs complained that their board of directors was not releasing enough funds for vital initiatives.
Capgemini’s cybersecurity business leader Geert van der Linden argues that operational technology (OT) and industrial internet of things (IIOT) devices have expanded the cyberattack surface and made smart factories a significant target for security operators. threats.
“The benefits of digital transformation make manufacturers want to invest heavily in smart factories, but the efforts can be undone in the blink of an eye if cybersecurity is not built in from the start,” adds Van der Linden. “Unless this is a board-level priority, it will be difficult for organizations to overcome these challenges, educate their employees and vendors, and streamline communication between cybersecurity teams and the C-Suite.”
In addition to the C-Suites’ indifference to cybersecurity issues and related budget constraints, the report warns of human challenges that hamper efforts to improve risk mitigation. This takes two forms. The first is employee negligence: 28% of companies affected by cyber attacks in the last 12 months have noticed an increase in employees or vendors bringing in infected devices. This includes laptops and handheld devices used to install and fix smart factory machinery.
The second people-related challenge is cyber skills: 57% of respondents said the shortage of smart factory cybersecurity talent is more acute than that of IT security talent. Many industry organizations also lack dedicated security leadership, the report states.