British engineering company IMI has revealed a cybersecurity incident, just days after rival firm Smiths Group reported a similar incident, raising concerns about the vulnerability of industrial systems to cyber threats.

IMI, a Birmingham-based firm that designs and manufactures products for industrial automation, transport, and climate control, disclosed the incident in a filing with the London Stock Exchange on Thursday. The company stated that it is "currently responding to a cybersecurity incident involving unauthorized access to the company's systems." IMI has engaged external cybersecurity experts to investigate and contain the incident, and is taking "necessary steps to comply with our regulatory obligations."

However, IMI declined to comment on the nature of the incident and whether any company data was exfiltrated. The UK's Information Commissioner's Office did not immediately respond to a request for comment. This lack of transparency has sparked concerns about the potential impact of the incident on IMI's customers, partners, and stakeholders.

This incident comes on the heels of a similar disclosure by Smiths Group, another UK-based engineering giant, which reported last week that it was working to "recover" affected systems following unauthorized access to its network. Neither company has provided timelines for their recoveries, leaving many questions unanswered.

The back-to-back disclosures have raised concerns about the cybersecurity posture of industrial companies, particularly those in the engineering sector. As these companies increasingly rely on digital systems to design, manufacture, and operate critical infrastructure, they become more vulnerable to cyber threats. The potential consequences of a successful attack can be severe, including intellectual property theft, disruption of critical operations, and even physical harm to people and the environment.

The incidents also highlight the importance of regulatory compliance and transparency in the event of a cybersecurity incident. Companies are required to notify regulators and affected parties in a timely manner, and failure to do so can result in significant fines and reputational damage. In this case, both IMI and Smiths Group have notified the relevant authorities, but the lack of transparency about the incidents has sparked concerns about the effectiveness of their response.

The incidents serve as a wake-up call for industrial companies to prioritize cybersecurity and invest in robust defenses to protect against increasingly sophisticated threats. As the industrial sector becomes increasingly reliant on digital systems, the need for robust cybersecurity measures will only continue to grow.

In the coming days and weeks, it will be important to monitor the situation closely and provide updates as more information becomes available. In the meantime, the incidents serve as a reminder of the importance of cybersecurity in the industrial sector, and the need for companies to prioritize the protection of their systems and data.