There really aren’t adequate words to describe 2020.
It was a year that no one saw coming – not even those who live and breathe a world of risk assessment.
And everyone was affected.
After such a year, it’s even more important than ever to take a look at where we’re at and
what’s coming in 2021 for industrial security.
We’re going to give you a brief overview of what we learned and then you can download the full report for more in-depth information.
Here’s what you need to know about what to expect in industrial security in 2021.
Who We Surveyed
Respondents from 16+ diverse industries took part. And when we say “diverse,” that’s exactly what we mean.
From construction and manufacturing to healthcare and higher ed, we really ran the gamut. Here’s a breakdown:
- Aerospace and defense
- Consulting and professional services
- Information technology and services
- Computer software
- Higher education
- Computer and network security
- Facilities operations and management
- Government contracting
- Oil and energy
- Banking and finance
- And a small percentage of “other” industries.
As far as the size of the companies, we surveyed those that had less than 100 employees, all the way up to those that have more than 5,000, with revenues from $0-$50 million, to those that make more than $1 billion.
According to our survey subjects, the three biggest threats in 2021 are phishing, social engineering, and remote work.
We weren’t surprised that companies are worried about the vulnerabilities presented by work-from-home situations.
What was more curious was what wasn’t high on the list: supply chain security. (Only 7% of respondents said this was the highest risk.)
Priorities for 2021
A whopping 74% of those participating in the survey think that the Cybersecurity Maturity Model Certification (CMMC) will require a significant amount of both time and resources in 2021.
While CMMC led the pack by a huge margin, the other industrial security compliance priorities were CUI, NIST, and then, insider threat.
Effects of COVID-19
Of course, the global pandemic would have a place here. Everything in our society was affected.
So, we asked our respondents to fill us in on the impact COVID had on the security of their businesses or industries.
Here are a few of the highlights:
- 60% had to put new policies and procedures in place to handle a remote workforce.
- 32% invested in new tech hardware for remote workers.
- 21% struggled with balancing federal security rules with adapting to COVID.
The Problem of Government
It seems that the highest percentage of respondents list a lack of clarity by the government and regulators on how to comply with rules and regulations as the biggest obstacle to an industrial security program.
Following the lack of clarity, respondents cite a lack of internal support and silos between internal departments that need to cooperate as the next largest barrier to security programs.
While it may take a while to see the full effect of COVID-19 and the changes in industrial security it brought about, there are some important takeaways from what we’ve seen so far.
1. “Back to Work” Looks Different
Some changes resulting from the pandemic will remain, whether you’re back in the office or working remotely.
2. Security Compliance Management Software is the Way to Go
Out with the old, in with the new. With increased regulatory requirements, manual processes and legacy tech aren’t enough anymore.
3. Traditional & Information Security Look More Alike
You’ve probably heard the saying, “Every job is becoming a tech job.” When it comes to security, the same idea holds true, because every industrial security issue is becoming a cybersecurity issue.
Bottom line, tech specialists need to be more aware of policies and physical security, and those in traditional security should shift their thinking to include more in the realm of cybersecurity.
Read the Full Industrial Security Benchmark Study
We’ve touched on a few of the high points of what the 2021 Industrial Security Benchmark Study covers, so there’s much more for you to explore.
Download the full report here.
Topics from this blog: Industrial Security