60% of mechanical engineering companies expect the number of cyberattacks to increase in the coming years, but they are not taking sufficient measures to ensure adequate protection. Although 83% of companies are familiar with the common security standards, only about 40% use them. These are the core findings of the new study on “Industrial Security” , for which the German Engineering Federation (VDMA) conducted a survey of manufacturing companies.

The participants assessed the risk for their own company using the Top 10 Threats to Industrial Control Systems published by the German Federal Office for Information Security (BSI). They see human error and sabotage as the greatest threats for production environments, followed by malware infiltration, social engineering and phishing as well as malware infection via the Internet/Intranet. Many participants, however, do not base their risk assessment on a thorough risk analysis: only 41% of the respondents have introduced risk management, while 58% of large companies have done so (over 1,000 employees) and are leading the way. The VDMA is thus offering its members a web-based cyber risk assessment .