Cyber security needs more 'carrot-and-stick'

Each year Honeywell Process Solutions hosts a conference for EMEA-based users of its control & automation technologies in industries ranging from oil & gas and chemicals to pharma and pulp & paper.

At this year’s event – staged this week in Istanbul – the talking points included presentations on new developments in areas such as virtualisation, 3D simulation and cyber security.

A panel discussion on the last of these topics highlighted the still growing threats posed by inappropriate downloading and the humble USB stick to the integrity of process operations.

The audience of around 200 delegates were asked if their companies operated policies to encourage best practice in this area, with clear sanctions in place to deter employees from breaching basic IT security rules.

That few, if any, delegates raised their hands, suggested that company leaders are still failing to understand the criticality of this issue – as well as, perhaps, a reluctance by some to be open about security matters at industry events.

But given – as the panel highlighted – the risks now posed by everything from USBs and smartphones to hackers and state-sponsored attacks, what will it take to get board executives to adopt and enforce effectve counter measures?

(Process Engineering will examine IT security in the process industries in a coming issue of the magazine, and would welcome readers’ views on this topic.)