Selling security to an increasingly connected utilities and infrastructure sector

  • Published: 26 April 2019,
  • The Say Team

‘Industry 4.0’ is the term that has been coined to describe the current industrial revolution that is shaping how manufacturing and utilities management is done. Informed and enabled by cheap, interconnected sensors, and robotics and automation, Industry 4.0 is bringing about unprecedented levels of cost and time efficiency. However, the introduction of these technologies has opened up a window to the internet, and threats like ransomware are now a serious concern. This was a big reason why, when carrying out research for ‘The State of Trust in Security Companies Barometer’, we asked key decision makers in the utilities and infrastructure industry what they look for in a security vendor.

Technical expertise

It is hardly surprising, given that it is one which is largely made up of individuals with a background in engineering, that a majority (57 percent) of key decision makers in the utilities and infrastructure sector take analyst reports into account when making security decisions, the second-highest proportion of any industry. At the same time, the industry is far less likely to take more general sources like the national media (18 percent), social media (18 percent) and search engines (24 percent) into consideration when considering purchases. Behind analyst reports, respondents were also likely to take information from a vendor’s website into account (43 percent) as well as meetings with them at trade shows (41 percent). Overall, the industry expressed a strong (67 percent) preference towards technical experts (CTO/CSO/CISO), the greatest response of any industry. By contrast, only 28 percent preferred company leaders, indicative of a trend towards the trustworthiness of more senior figures throughout the entire survey.

Don’t overlook cyber

Cyber security is also a key issue for the utilities and infrastructure industry, with 47 percent saying that it is at the top of their agenda, and 49 percent saying it is one of their board’s main priorities for risk management. Only 4 percent said that other identified risks take precedence, below any other industry and well below the average of 8.9 percent. A majority (73 percent) also stated that a vendor’s approach to cyber security is an important part of their decision making when evaluating physical security hardware. All of the answers given suggest a strong preference towards vendors who have a proven record that they can speak on handling cyber security issues. They also suggest that the industry is taking the threat it faces seriously, which is obvious when you consider the fact that utilities and infrastructure companies are key targets for Advanced Persistent Threat actors backed by states.

Security is becoming increasingly relevant in the digitalised world of utilities and infrastructure, with the Internet of Things and automation set to be the dominant trends going forward. As such, there is a great opportunity for security vendors to sell into a growing market. ‘The State of Trust in Security Companies Barometer’, sets out what vendors can do to gain competitive advantage, and advises on how they can get in front of key decision makers to sell their wares.

By Jonathan E.

What's Next?