Industrial cyber attacks are on the rise leading to the shut down of several OT systems. This results in loss of revenue, reputation, and damage to operations. It also leads to additional costs in the form of damage control, event remediation, increased security services, communication with customers and suppliers, and handling law enforcement and public relations.
Palo Alto Networks, a well known cybersecurity company based in Santa Clara, California, United States conducted a survey in December 2023 which targeted almost 2000 respondents across 16 countries in the USA, Europe, and the APAC region.
Three-quarters of respondents stated that they had noticed malicious cyber activity in their OT environment. 24% revealed that they had to shut down OT activities due to a successful attack in the previous year, either as a result of actual disruption or as a way to avoid it.
The report by Palo Alto Networks also stated that most organizations are victims to cyber attack attempts weekly, monthly, or quarterly. 8% are targeted every couple of days, 4% everyday, and 2% more than once a day!
Let’s understand what’s happening a little better.
It’s common knowledge that IoT devices are the easiest entry points for cyber attacks. But this survey revealed that 28% of the cyber attacks originated from OT environments. The need for taking strict measures to secure OT environments is crucial, now more than ever and the report stated that over 60% of respondents agree with this. In the next couple of years, there would be an increase in OT cybersecurity budgets to safeguard critical OT systems.
The report also revealed some other interesting statistics about OT cybersecurity security and its solutions:
These numbers make it clear that IT and OT are not working together to solve security challenges holistically. It is time that organizations come together and take a comprehensive approach that tackles security from both sides. A two-way approach is needed to secure devices and ensure complete safety from cyber attacks.
The report rightly said, “A piecemeal approach to cybersecurity will help neither IT nor OT, regardless of the caliber of solutions invested in, resulting in the continued exposure of vulnerable OT assets.”
Respondents also shared that AI-related cyber attacks, especially on OT infrastructure is becoming a serious issue and needs to be addressed. These respondents also believe that AI-backed security solutions can be the remedy to prevent cyber attacks and protect OT systems. Can AI help hackers more than security professionals?
With IT and OT convergence, are solutions protecting IT networks enough? Several attacks that have occurred on OT systems have bypassed the security levels in the IT network and gained unauthorized access to their OT. The questions to ask yourself are: How secure is my organization against cyber attacks on OT systems? Have I examined my organization's cybersecurity posture? Are my organization’s field devices and other remote systems secure from cyber threats? This is where MicroSec’s deep domain expertise in OT/ICS cybersecurity can help you find the answers to these questions.
Find the whole report here.