Cyber attacks are even more critical in the ‘new normal’ of remote workforces

26-Mar-2020 - Last updated on 26-Mar-2020 at 11:26 GMT

Claroty bridges the gap between IT and OT cybersecurity. Photo: Claroty

IT and operational technology (OT) cybersecurity is even more critical in the ‘new normal’ of remote workforces, which create an additional burden on chief information security officers to remotely secure their production environments, according to Claroty cybersecurity firm.

It claims organizations with highly automated production sites and factories that face significant security and financial risk need to bridge the gap between IT and OT environments.

Concerns over OT

The company carried out an independent survey of 1,000 full-time IT security professionals across the US, UK, Germany, France, and Australia to determine the attitudes and concerns of IT security professionals related to OT security.

It claims 74% of IT security professionals globally are more concerned about a cyber attack on critical infrastructure than an enterprise data breach and 62% of global respondents believe industrial networks are properly safeguarded against cyber attacks and 60% believe their country’s critical infrastructure is adequately protected.

However, respondents from Australia (93%) and Germany (96%) are more confident in the overall safety of industrial networks versus respondents from the UK, US and France.

They are also more confident their country’s critical infrastructure is properly secured against cyber attacks, with 90% of respondents from Australia and 99% from Germany saying that they are adequately protected.

“While IT and OT convergence unlocks business value in terms of operations efficiency, performance, and quality of services, it can now be detrimental because threats, both targeted and non-targeted, now have the freedom to manoeuvre from IT to OT environments and vice versa,” said Dave Weinstein, chief security officer, Claroty.

Vulnerable

In terms of industries and direct threats, the research found globally, 45% of IT security professionals see electric power as the most vulnerable sector of critical infrastructure, followed by oil and gas (21%). A further 43% would put hacking at the top of the list of threats to industrial networks they are most concerned about, followed by ransomware (33%).

The survey also explored whose responsibility it is to protect critical infrastructure from cyber attack, and the results weighed heavily in favour of government over the private sector.

100% of respondents from Germany believe it is the government’s responsibility, followed by Australia (98%), the UK (91%), France (89%), and the US (87%).