Two recent executive surveys present divergent assessments of executive confidence in their organizations’ level of cyber risk preparedness.
The Cyber Risk in Advanced Manufacturing report, surveyed 225 participants and included 35 executive interviews. The report, conducted by Deloitte and the Manufacturer’s Alliance for Productivity and Innovation (MAPI), found that nearly half of executives lack confidence in their organizations’ level of protection from external threats.
As the manufacturing industry navigates digital transformation and new operational models that increasingly rely on connected products, the study highlighted several cybersecurity themes. The emerging themes include executive and board level engagement, talent and human capital, intellectual property, industrial control systems (ICS), connected products, and industrial ecosystems.
The survey emphasized risks facing connected industrial control systems. ICS operators received an urgent reminder of critical cyber vulnerabilities last week after a ransomware attack on the Colonial Pipeline last Friday caused the company to halt all pipeline operations.
In the Middle Market Business Index Special Report on Cybersecurity, RSM US LLP collaborated with the U.S. Chamber of Commerce to assess cybersecurity perspectives of 400 mid-market executives. In contrast to Deloitte’s survey, RSM’s mid-market report showed that 93 percent of executives were confident in their organization’s ability to safeguard customer data. Yet, more than a fifth of the respondents indicated their companies experienced a data breach in the past year. RSM US also identified concerning cybersecurity trends, which included incomplete information, cyber insurance concerns, ransomware, GDPR noncompliance, and secondary controls.
Despite these differences in study findings, there are steps that executives need to be taking regardless of their confidence levels in their company. Deloitte encourages leaders to set the right cybersecurity tone, assess risk broadly, socialize the risk profile, build in security, consider data an asset, assess third-party risks, be vigilant with monitoring, always be prepared, clarify organizational responsibilities, and drive increased awareness.
With these steps, executives will be able to better protect their organizations from cyberattacks and potentially improve confidence levels. These studies conducted by Deloitte US and RSM US have allowed executives a look into where problems still arise in cybersecurity and how their companies can avoid them.