Operational technology cybersecurity company Claroty released a new report looking at the impact of the COVID-19 pandemic on critical infrastructure security. According to the report, a majority of industrial enterprises in the United States have seen an increase in cybersecurity threats since the start of the COVID-19 pandemic.
“This data clearly indicates that there has been an increase in cyber threats to industrial enterprises globally since the start of the pandemic, proving just how crucial it is to reduce risk by understanding the threats to OT security and improving collaboration between IT and OT teams,” Yaniv Vardi, CEO of Claroty, said in a statement. “With the transition to remote work, many organizations have increased their focus on OT and IoT security and worked towards accelerating their IT/OT convergence. This will empower them to unlock business value and charge ahead with greater confidence even in the face of disruptions.”
Claroty’s report, The Critical Convergence of IT and OT Security in a Global Crisis, includes the results of a survey of 1,100 IT and OT security professionals in the United States, the United Kingdom, France, Belgium, Germany, Austria, Switzerland, Australia, New Zealand, and Singapore.
According to the survey, 51 percent of U.S.-based respondents say their organization is now more of a target for cyber criminals compared to before COVID-19. Additionally, 67 percent said they have seen cyber criminals use new tactics to target their organization.
According to U.S. respondents, the top five industrial sectors most vulnerable to a cyber attack are manufacturing, building management systems, electric utilities, pharmaceuticals, and consumer goods.
The report indicates that COVID-19 has accelerated the convergence of IT and OT networks. Sixty-five percent of U.S. respondents said their IT and OT networks have become more interconnected since the pandemic began, and 73 percent said they expect them to become even more interconnected as a result of it.
“While IT/OT convergence unlocks business value in terms of operations efficiency, performance, and quality of services, it can also be detrimental because threats – both targeted and non-targeted – can move freely between IT and OT environments,” Claroty says.
Additionally, 62 percent of U.S. respondents have found it more challenging to collaborate with their IT or OT counterparts during the pandemic. Forty-four percent believe that their OT networks are less secure than their IT networks.
Claroty researchers also looked at how the shift to remote work has impacted organizations during the COVID-19 pandemic and how prepared organizations were for this shift. According to the report, 26 percent of organizations struggled with the shift to a dispersed workforce. Additionally, 25 percent of U.S. respondents said their top cybersecurity executive did not have a pre-existing response plan, and 22 percent said their organization did not have a pre-existing secure remote access solution, aside from VPN, that allowed employees to securely work from a remote location.
Despite the challenges the COVID-19 pandemic has presented, 60 percent of respondents said their CISO has shown good leadership. Additionally, 86 percent of respondents said their organization’s leadership made cybersecurity a priority during the pandemic, and 83 percent said CISOs have provided proper training resources for working within a dispersed organization.
“Cybersecurity executives, including CISOs, have been thrust into the spotlight since the start of the pandemic, tasked with implementing new technologies to ensure their organization’s networks and employees are fully secure,” Claroty says.
Moving forward, 84 percent of U.S. respondents said they were confident that their organization is prepared, from a cybersecurity perspective, for another major disruption down the road. Additionally, 88 percent reported that their organization has updated its cybersecurity crisis response plan to reflect a more remote workforce.
“We are living in a completely different world since March 2020 – a world that continues to evolve and will never return to its previous state,” Claroty’s report concluded. “On the plus side, as organizations pivoted to a more remote workforce and IT and OT networks converged, they increased their focus on OT security and those that didn’t have a plan to deal with a similar crisis have quickly put one in place. Still, IT and OT security professionals report challenges collaborating as they face higher threat levels. Fortunately, by leveraging this time to focus on OT security, understand the threats, improve collaboration, and build coalitions, organizations can accelerate IT/OT convergence with greater confidence and unlock new business value.”