Increasing cyber threats for most industrial firms: Claroty survey

Oct. 8, 2020

More than half (53%) of U.S. industrial enterprises have seen an increase in cybersecurity threats since the COVID-19 pandemic started in March, according to 1,100 full-time OT and IT security professionals surveyed in August by security software provider Claroty. Its report, "The critical convergence of IT and OT security in a global crisis," found that more than half (51%) of U.S.-based respondents say their organization is now more of a target for cyber criminals than before COVID-19, while 67% add they've seen cyber-criminals using new tactics to target their organizations. (The report is located at https://info.claroty.com/the-critical-convergence-of-it-and-ot-security-in-a-global-crisis)

The survey further reveals that COVID-19 has accelerated the convergence of IT and OT networks, with 65% of U.S. respondents reporting their IT and OT networks have become more interconnected since the pandemic began, and 73% expecting them to become even more interconnected, which can increase potential vulnerabilities. At the same time, 62% of U.S. respondents add they've also found it more challenging to collaborate with their IT or OT counterparts during the pandemic, and 44% believe their OT networks are less secure than their IT networks.

The report adds that:

  • Having a crisis plan for secure remote access is vital for adapting quickly and safely to the COVID-19 pandemic. This is reflected by the 25% of U.S. respondents whose top cybersecurity executive didn't have a response plan, 26% whose organizations struggled with shifting to a dispersed workforce, and 22% who said their organization didn't have pre-existing secure remote access (aside from a VPN that isn't secure enough for OT), which lets employees work securely from a remote location.
  • Most U.S. respondents (84%) are confident their organization is cyber-secure and prepared for another major disruption. Also, 88% report that their organization has updated its cybersecurity crisis response plan to reflect a more remote workforce.
  • Sixty percent of U.S. respondents believe their chief information security officer (CISO) has shown good leadership, while 86% say their organization’s leadership made cybersecurity a priority during the pandemic, and 83% add their CISOs provided proper training resources for working in a dispersed organization.
  • U.S. respondents add the top five industrial sectors most vulnerable to a cyber attack are manufacturing (15.4%), building management systems (12.8%), electric utilities (12.6%), pharmaceuticals, (12.4%) and consumer goods (12%).

“This data indicates there's been an increase in cyber threats to industrial enterprises globally since the start of the pandemic, proving just how crucial it is to reduce risk by understanding the threats to OT security and improving collaboration between IT and OT teams,” says Yaniv Vardi, CEO of Claroty. “With the transition to remote work, many organizations increased their focus on OT and IoT security and worked towards accelerating their IT/OT convergence. This will empower them to unlock business value and charge ahead with greater confidence even in the face of disruptions.”