This week’s podcast deals with industrial cyber security, but I have even more data for y’all. I downloaded a report by the SANS Institute that was commissioned by Nozomi Networks on industrial security to find out what people were worried about, and what they were actually doing. The good news is that concern over cybersecurity is high and spending is up.
Forty-six percent of respondents are allocating more money this year to cybersecurity and 46 percent are keeping their budgets the same. Only 8 percent are seeing their security budgets decline. Across the board, industrial companies are monitoring more things and trying to move beyond surface-security products such as anti-virus software. The biggest perceived risk for most of these companies isn’t in their connected sensors, but in devices that are running Linux or Microsoft operating systems.
But even as industrial companies take positive steps, they are not taking what feels like an essential first step toward building more secure operations. One-third aren’t requiring some security as part of their procurement process, and another third merely ask for compliance on a list of standards.