Regulatory pressure complicates cybersecurity for industrial equipment manufacturers

50% of companies lack a dedicated security function for control systems and devices within their organizational structure, according to Cybellum.

Security incidents involving industrial organizations have seen a sharp rise in recent years, with notable cases highlighting the vulnerabilities in our interconnected world. IT-OT convergence, as well as the trend towards remote maintenance, amplify potential risks even further.

As industrial devices become increasingly software-driven machines reliant on an insecure software supply chain, and with regulatory pressure on the rise, it has become seemingly impossible for equipment manufacturers to keep their entire product portfolio secure and compliant at all times. Mission-critical industrial equipment is now more exposed to attack than ever before.

Security challenges faced by industrial equipment manufacturers

98% of respondents recognize the importance of device security for OT network security. The primary product security challenge faced by industrial equipment manufacturers revolves around the pursuit for enhanced efficiency, including optimizing the utilization of cybersecurity talent, reducing manual efforts, and expediting processes.

The quest for continuous product security throughout the entire lifespan of industrial devices, and the management of an expanding array of tools and technologies, emerge as critical challenges, as cited by 30% of survey respondents.

Only 24% of respondents rank software supply chain security as a top challenge for this year. Industrial equipment manufacturers highlight increasing compliance with regulations and standards as their top priority, with 37% of companies prioritizing this aspect in their roadmap.

“Our survey aims to understand the maturity of industrial control systems and device cybersecurity processes, and identify the main gaps experienced by industrial equipment manufacturers”, said Guy Gilam, Head of Product Marketing at Cybellum. “With the growing incidence of attacks on critical systems, it’s crucial to uncover these gaps and find a more comprehensive and effective approach to securing the industrial device landscape.”

Cybellum will present the findings from the survey in a webinar session on September 27, 2023, at 10 am ET. To sign up for this session or to receive a recording post-webinar, register here.