Cybersecurity awareness in an Industrial Control Systems company

Abstract

Abstract: This paper investigates the cybersecurity awareness levels of employees at an industrial control systems organization and measures their knowledge on the potential impact of cyber-related attacks on their systems through a case study. Attacks on industrial control systems as well as the information technology infrastructure which it relies on, are becoming a growing problem for governments and organizations. Cybersecurity policies of organizations are critical to ensure that industrial control systems environments are adequately protected. It is equally important for the organizations to ensure that their employees are aware of the cybersecurity policies and why they must be implemented. In many cases, however, organizations are faced with employees who are not aware of the potential cyber-related security threats posed to their industrial control systems, nor the impact these attacks might have. Results show that although employees understand the severity of cyber vulnerabilities their awareness is low