CNI more of a cyber concern than enterprise data breaches

New research into the state of global industrial cyber security has found that 74 per cent of IT security professionals are more concerned about a cyber attack on critical infrastructure than an enterprise data breach.

Carried out by Claroty, the survey of 1,000 full-time IT security professionals from the United States, United Kingdom, Germany, France, and Australia, sought to determine the attitudes and concerns of IT security professionals related to Operation Technology security. It found that 62 per cent of international respondents believe that industrial networks are properly safeguarded against cyber attacks and that 60 per cent believe their country’s critical infrastructure is adequately protected.

However, looking at the responses regionally, Claroty found that some regions are more confident than others. Respondents from Australia (93 per cent) and Germany (96 per cent) are much more confident in the overall safety of industrial networks versus respondents from the UK, US and France. They are also more confident that their country’s critical infrastructure is properly secured against cyber attacks, with 90 per cent of respondents from Australia and 99 per cent from Germany saying that they are adequately protected.

Additionally, the survey revealed that 45 per cent of IT security professionals see electric power as the most vulnerable sector of critical infrastructure, followed by oil and gas (21 per cent). Furthermore, 43 per cent would put hacking at the top of the list of threats to industrial networks that they are most concerned about, followed by ransomware (33 per cent).

The survey also explored whose responsibility it is to protect critical infrastructure from cyber attack, and the results weighed heavily in favour of government over the private sector. In fact, 100 per cent of respondents from Germany believe it is the government’s responsibility, followed by Australia (98 per cent), the UK (91 per cent), France (89 per cent), and the US (87 per cent).

Dave Weinstein, Chief Security Officer of Claroty, said: “While IT and OT convergence unlocks business value in terms of operations efficiency, performance, and quality of services, it can now be detrimental because threats, both targeted and non-targeted, now have the freedom to manoeuvre from IT to OT environments and vice versa. Our mission is to help security practitioners to bridge the gap between IT and OT cyber security, ensuring that all bases are protected from cyber attack. This is even more critical in this new normal of largely remote workforces, which create additional burden on Chief Information Security Officers to remotely secure their production environments.”