Companies risk significant financial losses, face customer backlash, and ruin market reputation due to cybersecurity issues ever year. But when it comes to allocating funds to avoid such breaches, they had allocated only about 25 per cent of the last year’s budget for cybersecurity. However, they are expecting to increase the spending by 37 per cent within the next five years, said a survey.
According to a Honeywell survey of business leaders in India released recently, industrial cybersecurity breaches have been damaging organisations, impacting the bottom line as well as tarnishing company reputation.
The survey polled strategic decision-makers from Indian industrial companies on types of cybersecurity threats, their approach to deal with them, and their organisation’s respective preparedness as they adopt industrial internet of things-enabled technologies.
Almost 50 per cent of respondents, who experienced a cybersecurity breach in the past, have reported a reputational impact on their businesses, it added. “This information from the survey reveals that while decision-makers are more aware of threats, cybersecurity layers of defence have not yet been implemented by a majority of India’s industrial community,” said Ashish Gaikwad, MD, Honeywell Automation India Limited.
“The cost of industrial cyber attacks cannot be measured in capital losses alone, but must also be measured by the potential reputational damage a company could sustain. These survey findings underscore the need for our ongoing work to ensure every enterprise can safely manage their cybersecurity risks in future,” he added.
Almost 49 per cent of the respondents said, there was a reputational impact on their businesses as a result of the breach they faced. Further, about 48 per cent of firms had to suspend their operations for some period of time after they suffered the breach, the survey added.
When asked about the best practices to self-assess cybersecurity maturity levels using industry-standard models, 6 per cent respondents believe their organisation is at the lowest “non-existent” maturity level, while 30 per cent of them believe their organisation is at the “managed” level of industrial cybersecurity maturity. Only about 20 per cent of them believes their organisation is at the more advanced “optimised” level.
According to the survey, about 50 per cent have cloud-based monitoring to identify potential cyber threats external to their organisation. Firms should define a clear cybersecurity roadmap to improve maturity levels and invest in the latest technology to optimize cybersecurity operations, it suggested.