A report from ABI Research and Palo Alto Networks found that one in four industrial companies had to temporarily shut down operations due to cyberattacks in the past year, creating a need to improve operational technology (OT) security. It is suggested that there is.

According to the results of the State of OT Security investigation For approximately 2,000 business owners and practitioners in 16 countries, the complexity of OT security solutions is an added concern.

More than 60% of those surveyed expressed concerns about the complexity of available solutions when making purchasing decisions.

This complexity not only poses logistical challenges, but also questions about the effectiveness of existing security measures in protecting industrial operations from cyber threats.

The report also highlights the evolving threat landscape facing OT environments, making such environments attractive to cyber attackers given the potential for significant economic or political gain. I am emphasizing that.

70% of industry organizations have fallen victim to a cyberattack in the past year, with more than a quarter (26%) experiencing a cyberattack on a weekly basis or more.

In addition to existing threats, industrial asset owners and operators are becoming increasingly wary of new technologies and their associated risks.

The rise of artificial intelligence (AI) and the integration of 5G connected devices are perceived as significant threats to OT infrastructure by a significant portion of respondents.

Internally, industry organizations face challenges around coordination and regulatory compliance.

The report found significant misalignment between IT and OT teams within organizations, with only 12% reporting alignment.

Additionally, executives and practitioners expect regulatory pressure on OT security to increase in the coming years, reflecting growing awareness of the need to strengthen security measures to meet evolving compliance standards. .

Despite these challenges, decision makers are increasingly recognizing the importance of integrated solutions and zero trust approaches to securing OT environments.

This report shows a growing consensus among respondents about the need for simplified and streamlined security solutions to effectively mitigate cybersecurity threats.

Additionally, cloud-based solutions are recognized to play a pivotal role in securing the evolving OT environment, with over 80% of respondents recognizing their importance.

Matthieu Chan Tsin, vice president and head of cybersecurity services at Cowbell Cyber, said there are several important steps companies can take to simplify and strengthen their OT security infrastructure.

“First, segment the network to separate IT from OT systems and reduce the risk of crossover attacks,” he explained. “Ensure timely patch management to mitigate vulnerabilities, consider operational constraints, and implement enhanced access controls such as multi-factor authentication and strict role-based access.”

Organizations should also continually educate employees on cybersecurity and maintain incident response plans tailored to their OT environments.

“Finally, leverage real-time monitoring and detection tools, vet third-party vendors for security, and prioritize robust backup and disaster recovery procedures for operational continuity,” Tsin added.

Jose Seara, CEO and founder of DeNexus, noted that industrial environments typically operate across multiple geographic sites, making it possible to segment networks and systems between OT and IT. I said it's one of the first steps you should definitely take.

“Knowing how to quantify cybersecurity risk at each site and prioritize risk mitigation and cybersecurity projects is a critical step to streamlining OT security and focusing on what really matters,” he said. ” he said.

He believes that by establishing a common view of the cybersecurity risks (measured as potential losses) that enterprises face, IT and OT can develop a common language for cybersecurity, align different goals, and identify the risks that are truly necessary. He explained that it could act as a catalyst for collaboration on mitigation projects. Note.

“We are also refreshing our approach to cybersecurity and focusing cybersecurity budgets and projects on the greatest risks, such as where businesses could face the greatest financial loss.” It's also the perfect time to start quantifying this,” Ceara said.

Marcus Fowler, CEO of Darktrace federal, explained that by leveraging the latest AI tools, organizations can use the technology to develop a solid understanding of their environments.

This information can then be used to conduct proactive security drills and scenarios to identify potential areas of vulnerability.

“This approach helps OT teams more accurately assess overall risk, identify potential attack vectors, and stop potential disruptions before they occur,” he said.

These tools can leverage their understanding of the environment to send automated alerts that help users gain context and understand the severity of potential attacks.

“This allows OT teams to save valuable time and prioritize the most pressing threats to business functions,” Fowler said.

Recent articles by author

Source link