The most common information security risks
A recent survey conducted by Electroustic revealed industry’s unsustainable approach to information security. The survey showed a pressing lack of information about the most common security risks in an age where industrial internet and remote data access are steadily being implemented on the factory floor. An impressive 34% of respondents said their companies have no information security policy.
The survey identified hacking as the biggest security concern, with 31% of respondents worried about it, followed by human error (17%) and cloud computing (11%). While it’s true that most security breaches are caused by outsider attacks, these often come in the form of malicious software and can easily be averted with the correct staff training and appropriate infrastructure.
User education and awareness are two additional points in the Electroustic survey where respondents didn’t fare particularly well, which suggests industrial companies need to do more to tackle the problem. User security policies describing best practice when using a company’s ICT systems should be formally acknowledged in employment terms and conditions. IT induction programmes should be complemented with regular training on the cyber risks faced as employees and individuals.
The latest industry trends, including industrial internet, remote data access and Industry 4.0 are drastically changing the industry landscape and the skills employees are expected to bring to the table. Companies need to do more to prevent and address IT security breaches and the best way to do so is by training staff, implementing reliable industrial security solutions and keeping up to date with the latest industry developments.
“The huge range of available IT security products for industry is a double-edged sword for many companies,” explains Paul Carr, Managing Director and Owner, Electroustic. “Although there are a lot of options to choose from, inexperienced companies can easily end up spending a fortune on IT security systems that might not be appropriate for their specific needs. In terms of network security, establishing multi-layered defences using industrial firewalls, like Tofino’s Xenon, is crucial. A reliable industrial firewall should be easy to implement and manage, while also being versatile and rugged. A good IT security system should ensure a company meets and exceeds North American Electric Reliability Corporation Critical Infrastructure Protection requirements and ISA/IEC-62443 Standards.”