As you integrate your company’s industrial control and corporate information systems, you may be making your firm more vulnerable to cyber-attacks.
According to new research from KPMG, this can happen when businesses fail to put in place adequate cyber defences.
KPMG spoke to 350 senior IT, engineering and operations professionals responsible for ensuring the security of some of the UK’s most strategically important businesses.
80 per cent of respondents surveyed said they already have or are planning to merge their production and corporate IT systems, and 83 per cent of respondents believe that their production systems are likely to be targeted.
Worryingly, two-thirds of the respondents said their organisation had not factored in the significant threat that cyber criminals pose to their industrial control systems.
“As industrial control systems evolve companies are looking to reduce costs and improve efficiency by consolidating IT services and adopting sophisticated data analytics, integrating previously standalone control systems with corporate intranets or even the internet. In doing so, they may open themselves up to threats including organised crime, hacktivism and even state sponsored attack,” said Roy McNamara of KPMG’s Cyber Security team.
“Industrial control systems operate the majority of our critical national infrastructure and manufacturing sector such as power grids, oil refineries, production plants and traffic controls systems. In a worst case scenario cyber criminals could target these control systems in order to sabotage critical infrastructure or cause economic damage.
“This doesn’t mean that businesses should halt the process of converging these systems, with potentially huge benefits in doing so, but they do need to identify and manage the associated risks – and that means thinking about cyber security up front before regulation or security incidents force their hand.”
Image source: Shutterstock