Sapien Cyber releases study into OT environment security

By BizClik Admin
Share
Attacks on operational technology (OT) would ‘cripple’ most US businesses, according to cybersecurity leaders in Sapien Cyber study.

A cyberattack on Operational Technology (OT) has the potential to ‘cripple’ the overwhelming majority (83%) of US organisations, according to a poll of 100 enterprise security leaders commissioned by Sapien Cyber.  

The independent study conducted by research house Norstat of US cybersecurity leads, including CSOs and CIOs found that the overwhelming majority (88%) recognise that the number of cybersecurity threats facing their business is increasing every year.  

Despite 90% of respondents working within US enterprises stating that they have evaluated the threats to Operational Technology such as heating, ventilation, and air conditioning systems, less than one-in-ten (8%) say physical security such as OT environments are taken more seriously than IT networks. Just over half (57%) said that they treat physical and cybersecurity systems as equally important, and 93% stated that their building management system was a part of the organisation’s cybersecurity strategy. 

Glenn Murray, Managing Director and CEO of Sapien Cyber, says: “It is clear that any attack on critical infrastructure has the potential to cause untold disruption for many organisations. This isn’t just about taking a financial hit, but reputational risk and the potential of human fatalities as well.  

“President Biden’s meeting with Vladmir Putin earlier this year signalled how seriously attacks to critical infrastructure are taken at the very highest levels of Government.”  

Recent evidence from the Cyber Security and Infrastructure Agency (CISA) suggests that cybercriminals are increasingly targeting Operational Technology with ransomware attacks, particularly against critical infrastructure.    

The Colonial Pipeline cyberattack earlier this year demonstrated the risks involved in not protecting critical national infrastructure to the highest degree. Cybercriminals were able to successfully deploy a ransomware attack, resulting in a huge pay-out and significant disruption to gas supplies across the East Coast. This became one of the most high-profile cyberattacks where consumers saw the potential for large-scale, tangible impact on their lives, which is a sign of things to come.   

A further example was the ransomware attack against FedEx back in 2017 that targeted their TNT Express Division and ended up costing the company USD300 million. Another example was the LockBit ransomware gang’s successful cyberattack against Bangkok Airways in 2021, who threatened to release passenger information such as passport and credit card details if the ransom wasn’t paid. 

In other findings, 95% of cybersecurity leaders admitted that they could make improvements to their holistic and real-time monitoring of cyberthreats. While 64% of respondents said that the COVID-19 pandemic caused significant disruption for their cybersecurity teams. 

General James Clapper, former Director of National Intelligence (US) under the Obama administration and board member at Sapien comments: “Organisations have faced a number of challenges throughout the COVID-19 pandemic, which has left the door open for opportunistic cybercriminals to take advantage. With almost two-thirds of cybersecurity leaders suggesting they have felt major disruption to their day-to-day cyber operation, this is a major cause for concern.

“Administrations in the Western world are pushing for more stringent cybersecurity practices, and the evidence within this survey suggest more must be done to protect critical assets from immediate danger.” 

View the full report: C-Suite’s Guide to Cyber Risks.

Share

Featured Articles

Kyndryl and AWS: The Cyber Issues Facing the Energy Sector

Kyndryl and AWS survey highlights the cybersecurity readiness gap in energy enterprises, with oil & gas organisations among the top groups at risk

Customer Confidence: Hiscox Reveals Growing Cost of Attacks

Hiscox study shows 43% of businesses lost customers after breaches, an almost doubling in sentiments

Supply Chain Security: Why Is It Key for the Energy Sector?

Check Point Software and Black Duck analyse KPMG research that analyses why the energy sector is at such high risk of supply chain attacks

Top 10 OT Platforms

Operational Security

Microsoft: What Satya Nadella's $5m Pay Cut Says About Cyber

Cyber Security

Armis Security: The Company Reaching Valuations of $4.3bn

Cyber Security