Editor's Choice
Analytical Instrumentation & Environmental Monitoring
Data Acquisition & Telemetry
Electrical Power & Protection
Enclosures, Cabling & Connectors
Fieldbus & Industrial Networking
Flow Measurement & Control
Industrial Computer Hardware
Industrial Wireless
IS & Ex
IT in Manufacturing
Level Measurement & Control
Maintenance, Test & Measurement, Calibration
Mass Measurement
Motion Control & Drives
News
Operator Interfaces, Switches & Relays
PLCs, DCSs & Controllers
Pneumatics & Hydraulics
Pressure Measurement & Control
SAIMC
SCADA/HMI
Sensors & Transducers
Smart Home Automation
System Integration & Control Systems Design
Temperature Measurement
Training & Education
Valves, Actuators & Pump Control


IT in Manufacturing



Print this page printer friendly version

Cyber security trends for 2025: The five levels of maturity

March 2025 IT in Manufacturing

By Graham Brown, country manager for SA/SADC at Commvault.

As cyber attacks reach unprecedented levels, chief information security officers (CISOs) are increasingly burdened with the responsibility of safeguarding organisations. Recent research indicates that the number of cyber attacks has surged dramatically, highlighting the urgent need for enhanced cybersecurity measures across various sectors. Despite the growing threat landscape, a survey found that only 13% of organisations globally are considered ‘cyber mature’ enough to effectively mitigate and recover from cyber incidents. These mature organisations can recover 41% faster from attacks compared to those at the lower end of the maturity scale. Key factors contributing to this speed include having advanced security tools that can provide early warnings about risks, clearly defined processes for incident response, and reliable backup systems for critical data.


Graham Brown, country manager for SA/SADC at Commvault.

Determining CISO maturity levels

With the onus on CISOs to implement essential security measures, it is crucial for business leaders to evaluate whether they have the right individuals in place, supported by adequate resources. The authority of CISOs varies significantly across organisations, impacting overall cyber security maturity. At the initial stage, security responsibilities may fall to individuals who primarily follow orders, while at more advanced levels, CISOs engage with executive leadership to ensure cyber security is integrated into all aspects of business operations. To understand an organisation’s position within this maturity framework and its implications for cyber security risk and resilience, we can categorise the stages into the five following distinct levels:

Check box security: In organisations at this least mature level, security is often managed by IT staff who lack dedicated cyber security roles. Responsibilities are typically combined with routine IT tasks, such as server maintenance and software updates. These organisations may prioritise other business functions over security, leading to inadequate measures like multi-factor authentication being overlooked.

The right time for a CISO: As businesses grow, their exposure to cyber threats increases, prompting them to consider hiring a senior cyber security professional or CISO. At this stage, the role is often technical in nature, with limited opportunity for strategic planning. Compliance requirements begin to take precedence, necessitating formal monitoring and auditing processes.

Beyond a technical CISO: Organisations soon realise that CISOs require greater autonomy to implement security controls effectively. While decision making may still be limited to recommending technologies, CISOs must gain authority over broader measures that encompass cloud security and access management. This stage calls for strong collaboration between IT and security teams.

The empowered CISO: Approaching full maturity, CISOs participate in strategic discussions with senior management and advise on cyber security risks and recovery capabilities. They help define the organisation’s risk tolerance and develop strategies that align with business objectives while addressing emerging technologies like artificial intelligence.

Secure by design: At this ultimate level of maturity, security is embedded within the organisation’s culture and processes. Employees across all departments adhere to security protocols as part of their daily operations. Continuous testing of systems is standard practice, ensuring that teams are well prepared for incident response and data recovery.

Planning the maturity cycle

It is essential to recognise that no two organisations are alike when it comes to cyber security maturity. Each entity has its unique infrastructure, operational methods and strategic goals. Public companies will have different priorities compared to private ones, and larger organisations will face different challenges to smaller entities.

Measuring progress through the cyber security maturity cycle can be complex; however, understanding the characteristics of each stage allows business leaders to align their development efforts with their specific needs, whether through nurturing internal talent or recruiting skilled CISOs. This alignment will help build a level of maturity that matches their organisation’s risk tolerance as cyber threats continue to escalate into 2025 and beyond.




Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Siemens ecosystem strengthens data and AI integration
Siemens South Africa IT in Manufacturing
Siemens has announced significant expansions to its Industrial Edge ecosystem, accelerating data and AI integration and releasing enhanced cybersecurity functionalities. These enable a seamless integration of IT and OT environments, optimise processes and reduce operational disruptions.

Read more...
Siemens manages shipbuilding process for HD Hyundai
Siemens South Africa IT in Manufacturing
Siemens has been selected by HD Korea Shipbuilding & Offshore Engineering as a preferred partner to establish an integrated platform to manage the entire shipbuilding process as a single data flow to help ensure consistency across all its global shipyard facilities.

Read more...
Transforming the process industry through digitalisation
Endress+Hauser South Africa IT in Manufacturing
By connecting field devices, systems and people, digitalisation creates new opportunities to optimise operations, enhance maintenance strategies and support continuous improvement. As a leading instrumentation provider and major source of process data, Endress+Hauser plays a key role in enabling this transformation.

Read more...
The OT operator’s guide to security and uptime on the plant
RJ Connect IT in Manufacturing
The article addresses three common questions about industrial network deployment and maintenance, exploring ways to achieve better control and visibility with more efficiency.

Read more...
The assets you can’t see are the ones that can shut you down
IT in Manufacturing
ABEGuardOT is an asset management solution that delivers continuous, non-intrusive visibility across multi-vendor environments, including Siemens, Rockwell, ABB, Honeywell, Schneider Electric, Emerson, GE and Yokogawa, with support for OPC UA, EtherNet/IP, Modbus and Profibus.

Read more...
Edge I/O NTS and the need for industrial speed
Schneider Electric South Africa IT in Manufacturing
One of the most compelling solutions to emerge from industrial automation is Edge I/O NTS, which represents a natural evolution of computing from centralised servers to localised, device-level input/output processing, offering improved speed, efficiency and resilience.

Read more...
The next wave of AI-driven process automation
Schneider Electric South Africa IT in Manufacturing
As process industries hurtle toward an AI-driven future, four powerful trends are set to redefine automation strategies in 2026: hyper automation, AI-first automation, low code/no code platforms, and advanced process intelligence.

Read more...
Huge increase in denial-of-service cyber threats
IT in Manufacturing
NETSCOUT has released its Distributed Denial-of-Service Threat Intelligence report, revealing sophisticated attacker collaboration, resilient botnets and compromised IoT infrastructure that drove more than eight million DDoS attacks worldwide.

Read more...
Sustainable manufacturing
ABB South Africa IT in Manufacturing
ABB’s production facility in Shandong province, China is delivering measurable energy and emissions reductions through the implementation of advanced digital energy management and electrification solutions.

Read more...
Open automation is breaking legacy chains
Schneider Electric South Africa IT in Manufacturing
Industrial automation is now entering a new era defined by open, software-driven principles that are breaking decades of hardware-bound limitations.

Read more...










While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.

Published by Technews

»  Dataweek Electronics & Communications Technology
»  Electronics Buyers' Guide (EBG)

»  SMART Security Solutions
»  SMART Security Business Directory

»  Motion Control in Southern Africa
»  Motion Control Buyers' Guide (MCBG)

»  South African Instrumentation & Control
»  South African Instrumentation & Control Buyers' Guide (IBG)



© Technews Publishing (Pty) Ltd | All Rights Reserved