Page 21 - EngineerIt June 2021
P. 21
CYBER SECURITY
convergence was evident pre-pandemic, but the effects of pandemic-driven innovation
accelerated digital transformation and increased extended connectivity.
Facing the challenge of extending the plant environment to accommodate remote
work, many organisations had to increase their technology budgets to support rapid
solution deployment. Seeking to benefit where possible from the many changes
brought about by the pandemic, many OT leaders are looking for new ways to
streamline processes and reduce future costs.
Although progress is being made, there is room for improvement. Most OT
organisations are not leveraging orchestration and automation and their security
readiness was further taxed by the COVID-19 crisis. OT-IT network convergence
coupled with an ever-increasing advanced threat landscape and coping with
pandemic-related issues made it even more difficult for OT leaders to stay ahead of
disruptive cyber adversaries.
The Fortinet study highlights four key insights about the current state of OT security
across organisations.
Rick Peters
OT leaders continue to struggle
with security measurements
OT leaders are tracking and reporting
cybersecurity measurements
consistently with “cost” falling lower on
the priority list than “risk assessment”
and “implications to the business.”
Vulnerabilities (70%), and intrusions
(62%) remain the top cybersecurity
measurements that are tracked and
reported, but tangible risk management
outcomes have become more prevalent
this year (57%).
OT Securiy Challenges
OT organisations continue to experience intrusions Overcoming the OT challenges
As a group, organisations represented by the OT leaders who participated in the Arguably, the demand for resilience
survey faced challenges in preventing cyber criminals from accessing systems and that is achieved from implementing
disrupting business. Nine out of ten organisations experienced at least one intrusion in cybersecurity best practices has
the past year, which is almost identical to the results of the 2020 survey. Arguably, the gained amplified interest over the past
pandemic presented some unforeseen challenges, however a 90% rate of intrusion 12 months. Despite that interest, the
represents a significant problem that should concern OT leaders. 2021 report indicates that OT leaders
continue to struggle. Increased digital
OT leaders were not prepared for pandemic-related changes connectivity of OT and IT networks rolls
OT leaders had to quickly increase spending to manage the processes related to on, yet in this year’s survey only 7%
the digital connectivity of IT-OT network assets that are essential to supporting work of OT leaders reported no intrusions.
from home. These two separate issues both affected technology budgets. SOCs It’s clear that many organisations face
and NOCs required more staff and equipment as the pandemic accelerated digital challenges when it comes to security
transformation and increased the need for connectivity for secure remote access. practices and ultimately protecting their
Employees working from home and OEMs and system integrators were hampered by infrastructure from today’s increasingly
their ability to travel. The pandemic accelerated the need for secure remote access as sophisticated cyber threats.
technical staff could not be on-site to perform work in person. With that said, top-tier OT
organisations are realising
Organisations faced malware and an increased incidence of insider cybersecurity success and managing
threats and phishing to weather the unusual situation
The survey showed significant growth in phishing attacks with 58% reporting this type brought on by the pandemic and the
of intrusion, up from 43% last year. The increase in phishing stems from attackers corresponding rapid innovation. Those
exploiting weaknesses related to the rapid changes to support remote work that top-tier organisations continue to make
emerged at the beginning of 2020. Along with balance of most global IT business, a commitment to promoting centralised
OT organisations were clearly affected. As employees continue to work remotely, it is visibility and taking a proactive
clear that OT organisations need to extend zero trust to their endpoints to address the approach to security to protect their
expanded attack surface. critical systems. n
EngineerIT | June 2021 | 19
