77 percent of industrial organizations worried about cybersecurity incidents
Information technology and operational technology are gradually moving closer together thanks to wider connectivity of OT with external networks, and the growing number of industrial IoT devices.
While this boosts the efficiency of industrial processes, it also presents new risks and vulnerabilities according to a new report from Kaspersky Lab.
The company carried out a survey of 320 global professionals with decision-making power on OT and industrial control system (ICS) cybersecurity from 25 countries. 77 percent of respondents say that their organization is likely to become the target of a cybersecurity incident involving their industrial control networks.
Of the concerns related to IoT, over half (54 percent) of respondents claim that the increased risks associated with connectivity and the integration of IoT ecosystems are a major cybersecurity challenge, as are new types of IoT security measures that need to be implemented (50 percent) and the implementation of IoT use cases (45 percent). Although the IoT presents many new concerns for organizations, protection against traditional cyber threats still needs to be top of the agenda.
Companies relying on ICS are still falling victim to more conventional threats, including malware and ransomware. While concerns have grown around the risk of targeted attacks and APTs (66 percent), almost two-thirds (64 percent) of companies experienced at least one conventional malware or virus attack on their ICS in the last year, 30 percent of companies suffered a ransomware attack, and 27 percent had their ICS breached due to the errors and actions of employees.
"With the sector embracing more digital trends such as cloud and IoT to further drive efficiencies, the challenge and importance of cybersecurity becomes even more vital to keep critical systems running and businesses operational," says Georgy Shebuldaev, brand manager at Kaspersky Industrial Cybersecurity. "The good news is that we are seeing more and more businesses improving their cybersecurity policies to include dedicated measures towards safeguarding their industrial control networks. While this is a step in the right direction, action needs to go further to keep up with the pace of digitalization. This includes updating incident response programs to cover specific ICS actions and using dedicated cybersecurity solutions to help meet the challenge."
You can find out more in the full report available from the Kaspersky website.