For some industrial organizations, cyber breaches that affect the health of staff and other people are one of the major cybersecurity challenges they face. Almost all enterprises (98%) are confident that sustainable development strategy and the specific role of Chief Sustainability Officer will improve their cybersecurity. However, organizations seem to have a mixed approach to their sustainability policies. 56% of industrial businesses don’t plan on introducing the role of CSO, but around half either already have, or plan to introduce technical measures (50%) and investments (44%) in this area. These are findings from Kaspersky's ‘The State of Industrial Cybersecurity in the Era of Digitalization’ research.
Sustainability requires a complex approach that covers many aspects of an organization’s work, from regulatory compliance, a reliable supply chain and trusted customer relations to social responsibility, green initiatives and human resources. The level of protection from cyberthreats in industrial organizations can directly impact the safety of their employees and sensitive customer data, relationships with partners, people and environmental safety. This means organizations need to make cybersecurity part of their sustainable development strategy so that it can enhance a company’s approach to cyber protection.
The survey showed that some organizations recognize the consequences of attacks that directly affect the lives and health of their employees (32%) and other people (18%), as well as the loss of sensitive data (28%), as their major cybersecurity challenges. Dedicated sustainability initiatives, including introducing the role of a Chief Sustainability Officer may be seen as a way to mitigate such risks and improve industrial organization protection from related cyberthreats.
However, sustainable development strategies, as well as dedicated investments, measures and roles are not all consistently aligned. While more than half of (56%) companies are not planning to hire a CSO, 34% already have additional technical measures in place and 25% have allocated investments for sustainable development. Another 16% and 19% respectively are planning to do so in the future.
“The activities of any company, especially an industrial one, affect many aspects of society. Sustainable development initiatives aim to ensure that this impact is either neutral or positive. From this perspective, organizations being reliably protected from cyberthreats is not just an individual goal – it is part of an overall sustainability trend. Adopting a corresponding concept means thinking about the role cybersecurity has in a business’s agenda and how it should be improved to cover both corporate and industrial infrastructure, as well as ensure all employees follow proper cyber-hygiene practices,” says Anton Shipulin, Solution Business Lead, Kaspersky Industrial CyberSecurity at Kaspersky.