90% security professionals admit cyber attack in last two years: Report

A study has found that 90 percent of critical infrastructure security professionals have admitted their environments had been damaged by at least one cyberattack over the past two years, with 62 percent experiencing two or more attacks.

The findings of the study, ‘Cybersecurity in Operational Technology: 7 Insights You Need to Know’, were released by Tenable Network Security on Friday. The report identifies the true extent of cyberattacks experienced by critical infrastructure operators – professionals in industries using industrial control systems (ICS) and operational technology (OT).

The study found insufficient visibility into the attack surface. “80 percent of respondents cited lack of visibility into the attack surface, knowing what systems are part of their IT environments, as the number one issue in their inability to prevent business-impacting cyberattacks,” it said.

Read more: Pune Smart City to have cyber security policy soon

The study also underlines that inadequate staffing and manual processes limit vulnerability management. “Lack of personnel and a reliance on manual processes were cited by 61 percent and 55 percent of respondents respectively as major obstacles in their ability to assess and remediate vulnerabilities.”

“OT professionals have spoken – the people who manage critical systems such as manufacturing plants and transportation almost unanimously state that they are fighting-off cyberattacks on a regular basis,” said Eitan Goldstein, Senior Director of Strategic Initiatives, Tenable.

He suggested that organisations need visibility into their converged IT/OT environments “to not only identify where vulnerabilities exist but also prioritise which to remediate first”.

“The converged IT/OT cyber problem is one that cybersecurity and Critical Infrastructure teams must face together,” Goldstein added.

The study report, prepared by the Ponemon Institute, also states that 70 percent of respondents view increasing communication with executives and board members as one of their governance priorities for 2019.

“The convergence of IT and OT is a reality in today’s digital era. But this convergence has connected once-isolated OT systems to a variety of attack paths,” the study observes.

The study is based on the self-reported experiences and observations of ICS and OT experts themselves.

Tags
Show More

Related Articles

Back to top button
Close