New research released by cyber-physical systems protection company, Claroty, reveals a startling 75% of survey respondents experienced a ransomware attack in the past year. The study analysed responses from 1,100 global independent security IT and OT professionals operating within critical infrastructure sectors, dissecting challenges faced throughout the year, their effects on OT security programmes, and ongoing priorities.
The study highlights an evolving trend in attacks, with the impact on OT environments closely matching that of IT sectors. Comparing surveillance results from two years ago, it’s observed there’s been a substantial 10% rise in combined IT and OT targeted attacks. Today, 21% of cyber assault incidents affect IT departments exclusively, whereas an elevated 37% now disrupt both IT and OT departments. This development points to the widening attack surface area and motivates further risk concerns linked with IT/OT integration.
Beyond the increasing operational impact of ransomware, a persistent and worrying financial burden exists. Of the 75% of respondents whose organisations were subjected to cyber-attacks during the year, an overwhelming 69% paid the ransom to alleviate the threat. Highlighting the financial repercussions of these incidents, over half (54%) of those who complied with ransom demands reported financial losses exceeding $100,000 USD. Possibly in response to these financial losses, cyber insurance popularity has risen, with a significant 80% of organisations now carrying a policy. Moreover, approximately half (49%) of these companies have elected to obtain cover of half a million dollars or more.
The stress of tackling amplified threats, combined with financial losses, is amplified with the emerging integration of new technologies within OT environments. The report reveals that 61% of surveyed respondents are currently utilising generative AI-based security tools. In an unsettling revelation, almost half (47%) admit this use heightens their security apprehensions.
Addressing these tumultuous challenges, governments have perceived the urgent requirement for industry regulations and standards. Such initiatives are now dictating OT security priorities and investments. TSA Security Directives have influenced 45% of respondents’ organisational security priorities and investments, followed by the CDM DEFEND impact on 39% and ISA/IEC-62443 on 37%.
Despite these challenges, Yaniv Vardi, CEO at Claroty, sees an opportunity. “Our study shows that there is clearly no shortage of challenges facing OT security professionals,” states Vardi, “but we also found tremendous room for opportunity and appetite to mature security posture across industrial environments.”
The potential for improvement and progression is evident in risk assessment and vulnerability management, as well as network segmentation practices. Organisations aim to proactively defend their cyber-physical systems, despite raised concerns resulting from the integration of novel technologies like generative AI.