Kaspersky Lab introduced its new “State of Industrial Cybersecurity 2018” survey, which found that 65 percent of organizations globally believe that OT/ICS security risks are more likely with IoT.
The convergence of IT and OT, the wider connectivity of OT with external networks, and the growing number of industrial IoT devices is boosting the efficiency of industrial processes, but also presents new risks and vulnerabilities. Many surveyed industrial organizations feel unsafe, with 77 percent of respondents saying that their organization is likely to become the target of a cybersecurity incident involving their industrial control networks.
Of the concerns related to IoT, 54 percent of respondents claim that the increased risks associated with connectivity and the integration of IoT ecosystems are a major cybersecurity challenge.
Companies relying on ICS are still falling victim to more conventional threats, including malware and ransomware. While concerns have grown around the risk of targeted attacks and APTs, 64 percent of companies experienced at least one conventional malware or virus attack on their ICS in the last year, 30 percent of companies suffered a ransomware attack, and 27 percent had their ICS breached due to the errors and actions of employees. Although it was the top concern, targeted attacks affecting the sector accounted for only 16 percent in 2018 (down from 36% in 2017).
“With the sector embracing more digital trends such as cloud and IoT to further drive efficiencies, the challenge and importance of cybersecurity becomes even more vital to keep critical systems running and businesses operational,” said Georgy Shebuldaev, brand manager, Kaspersky Industrial Cybersecurity. “The good news is that we are seeing more and more businesses improving their cybersecurity policies to include dedicated measures towards safeguarding their industrial control networks. While this is a step in the right direction, action needs to go further to keep up with the pace of digitalization. This includes updating incident response programs to cover specific ICS actions and using dedicated cybersecurity solutions to help meet the challenge.”
In partnership with a market research firm, Kaspersky conducted a survey of 320 global professionals with decision-making power on OT/ICS cybersecurity from 25 countries across the globe from April to May 2018.
As the trend for digitalization – including increased connectivity and IoT – grows among industrial organizations, so do the cybersecurity risks associated with complex industrial environments. Customers need strong ICS incident response programs to avoid compromising severe operational, financial and reputational damage.