New global report from Claroty details a number of potential contributing factors for today’s CISOs to consider, including the convergence of IT and OT roles
New York, NY – March 25, 2020 – Claroty, the global leader in industrial cybersecurity, today released research into the state of industrial cybersecurity worldwide, which found that 74% of IT security professionals globally are more concerned about a cyberattack on critical infrastructure than an enterprise data breach. An independent survey of 1,000 full-time IT security professionals was carried out in the United States, United Kingdom, Germany, France, and Australia to determine the attitudes and concerns of IT security professionals related to operational technology (OT) security.
According to the data, more than half of industry practitioners in the U.S. (51%) believe that today’s industrial networks are not properly safeguarded and need more protection, while another 55% believe that U.S. critical infrastructure is vulnerable to a cyberattack. While IT security professionals are typically tasked with protecting enterprise networks, they are notably more concerned about a cyberattack on critical infrastructure (65%) compared to an enterprise data breach (35%). In addition, a strong majority (67%) believe that a cyberattack on critical infrastructure has the potential to inflict more damage than an enterprise data breach.
In regard to timing and urgency, 63% of U.S. IT security professionals expect a major cyberattack to be successfully carried out on national infrastructure within the next five years. However, 10% say that we will not ever see one, despite ample evidence of attacks targeting energy and other related sectors.
The global perspective
In contrast to the lack of confidence in the U.S., global IT security professionals (including those in the U.K., Germany, France, and Australia) have a more positive-leaning outlook. A majority of all global respondents (62%) believe that industrial networks are properly safeguarded. Those in Australia (93%) and Germany (96%) are by far the most confident in the overall safety of industrial networks.
Threats and potential targets
When asked which type of cyberattack on industrial networks would be most prevalent in 2020, a majority of U.S. IT security professionals (56%) put hacking at the top of the list, followed by ransomware (21%) and sabotage (12%). There is also a strong consensus among U.S. practitioners that electric power is the most vulnerable sector of critical infrastructure (46%), followed by oil and gas (18%) and transportation (13%).
Additional key stats and contributing factors:
An overwhelming majority of U.S. IT security professionals (87%) believe that the government is responsible for properly protecting critical infrastructure from cyberattacks. This indicates how crucial it is for Chief Information Security Officers (CISOs) and IT teams to understand the importance of OT security and how it falls within their purview, as every company in the world relies on industrial networks.
IT and OT security practices are converging at a rapid rate due to digital transformation and the evolving threat landscape, which presents new challenges and opportunities for CISOs. Demonstrating this, a majority in the U.S. (66%) have been trained in the differences between IT and OT networks and 65% believe they have the skills and experience required to properly manage OT network cybersecurity.
While clearly acknowledging the urgency surrounding critical infrastructure, most U.S. respondents express little desire to work in industrial cybersecurity. A strong majority (71%) say they would rather work in IT enterprise cybersecurity than focus on industrial networks, while another 57% say they would rather work for an organization that experiences a massive data breach instead of one that suffers a critical infrastructure-related cyberattack.
“While IT and OT convergence unlocks business value in terms of operations efficiency, performance, and quality of services, it can now be detrimental because threats, both targeted and non-targeted, have the freedom to maneuver from IT to OT environments and vice versa,” said Dave Weinstein, Chief Security Officer of Claroty. “Our mission is to help security practitioners to bridge the gap between IT and OT cybersecurity, ensuring that all bases are protected from cyberattack. This is even more critical in this new normal of largely remote workforces, which create additional burden on CISOs to remotely secure their production environments.”
Claroty improves the availability, safety, and reliability of OT assets and networks within industrial enterprises and critical infrastructure. The Claroty Platform provides comprehensive OT asset and network visibility, segmentation, vulnerability management, threat detection, risk assessment, and Secure Remote Access capabilities (SRA) — all within a single, agentless solution. Unique to Claroty, SRA provides a single, secure, and clientless interface through which all external users connect prior to performing software upgrades, periodic maintenance, and other support activities on assets within OT networks. This is all enriched by the company’s award-winning OT security research department.
For in-depth analysis into the findings, along with full U.S. and global survey data, The Global State of Industrial Cybersecurity report is available here.
Claroty bridges the industrial cybersecurity gap between information technology (IT) and operational technology (OT) environments. Organizations with highly automated production sites and factories that face significant security and financial risk especially need to bridge this gap. Armed with Claroty’s converged IT/OT solutions, these enterprises and critical infrastructure operators can leverage their existing IT security processes and technologies to improve the availability, safety, and reliability of their OT assets and networks seamlessly and without requiring downtime or dedicated teams. The result is more uptime and greater efficiency across business and production operations.