
![]() |
Charlotte Stonestreet
Managing Editor |
Home >Three-fifths of the industrial control industry has not deployed security configuration management
Three-fifths of the industrial control industry has not deployed security configuration management
20 January 2014
At the eighth annual American Petroleum Institute Cybersecurity Conference, Tripwire has announced the results of research comparing risk-based security management in the industrial sector to that of other industries.
Conducted during 2013 with the Ponemon Institute, the survey evaluates the attitudes of 1320 respondents from the US and UK.
The study has revealed that the industrial sector is less effective than other industries in deploying risk management controls and communicating effectively about security. While 51% use formal risk assessments to identify security risks (5% higher than the survey average), only 40% have fully or partially deployed security configuration management, differing from the survey average of 49%. And only 56% listed an "openness to challenge assumptions” as one of the top three features most critical to the success of a risk-based security management approach, 6% lower than the survey average.
"With the rapid escalation of critical infrastructure cybersecurity threats, industrial control organizations have a lot to do,” said Dwayne Melancon, chief technology officer for Tripwire. "It is encouraging that they are embracing a risk-based view of their operations at a higher than average rate, but this is not enough to protect them against determined attackers. It is imperative for this sector to get a handle on system hardening and configuration management practices to improve security and reliability.”
"Even though industrial sector organizations are actively considering security risks, they must also improve their willingness to elevate key risks to the executive level,” Melancon continued. "Security risks must be considered in context with overall business risk or the entire organization’s success will be in jeopardy.”
Tripwire is a provider of risk-based security and compliance management, enabling enterprises to effectively connect security to their business.
- Air springs for aerospace
- £10k manufacturing grant for start-ups directed by under 30s
- Online seminar to cover electrical testing of critical motors
- Change management a priority for additive manufacturing
- Using AI to create safer cars
- Integrated warehouse solutions
- Automation mitigates sector challenges
- Maintenance in the era of 4.0 - it's still all about the people
- Honda tests prototype autonomous work vehicle
- AM machine for batch production added
- No related articles listed