2018 Cybersecurity Report Spotlights Emerging Threats to OT Environments
Manufacturers saw many interesting developments in the realm of industrial security in 2017. There were tremendous shifts in how to guard against threats with ransomware like WannaCry, Nyetya, and now the Trisis/Triton/Hatman incident impacting organizations and making headlines across the globe.
Safeguarding against those risks and more were captured in the recently released Cisco 2018 Annual Cybersecurity Report. The report highlights some of the key trends in the evolution of malware and its impact on systems and data. The role of the Internet of Things (IoT) and its effect on security architectures and processes are also analyzed, as well as how artificial intelligence (AI), automation and machine learning technologies are in place as a way to mitigate malicious activity.
From a manufacturing perspective there are some key findings around the impact that IoT has on operations technology:
- 31% of security professionals said their organizations have already experienced cyber-attacks on OT infrastructure
- 38% said they expect attacks to extend from IT to OT in the next year
- 69% of organizations believe OT is a viable attack vector in 2018
- IoT botnets continue to grow in size and power, but few organizations see them as an imminent threat currently
Effective Practices and Challenges
To safeguard against vulnerabilities, many manufacturing companies noted some of the ways they are improving their security architecture. More than 50% indicated that they are utilizing a Defense-in-Depth strategy in the Industrial zone and over 80% found that zone based industrial firewalls were effective in protecting the perimeter. More than half of those surveyed felt the security tools they had in place within the industrial zone were very efficient. The most important elements as part of an overall security strategy by manufacturing respondents in the report are virus protection, encryption, and port security.
Some of the most significant challenges noticed by manufacturers were the number of vendors security teams utilized was hampering their efforts to defend against attacks and made orchestration more difficult. On average 48% of the total number of alerts go uninvestigated. It was also notable that a considerable amount of organizations still utilized unmanaged switches on the factory floor. However, within manufacturing 61% of respondents noted that they conduct exercises to test cybersecurity every six months. The report includes recommendations that organizations can take to reduce risk and help ensure their facilities maintain operational resilience.
The cybersecurity report covers security trends, critical findings for businesses, adversary tactics, vulnerabilities, security staffing and budgeting, and actionable steps to stay ahead of adversaries.
I invite you to download the full report here: