New data from GHD Digital revealed critical infrastructure under siege amidst rising cyber threats, vulnerabilities

New GHD Digital research revealed that critical infrastructure systems face a growing wave of sophisticated cyber threats, with threat actors targeting vulnerabilities in aging operational technology (OT) systems. About nine in ten critical infrastructure organizations, such as those involved in energy and electricity grids, experienced cyberattacks last year. As technology advances, the attack surface expands, creating a digital battlefield where vigilance, collaboration, and innovation are paramount.

GHD Digital research indicates that more than half of the global critical infrastructure suppliers have experienced attempts to control and shut down their systems. Additionally, approximately 75 percent of these suppliers believe cyberattacks are becoming increasingly sophisticated.

“Despite the severity of the risks, many organizations lack the necessary cybersecurity maturity, leaving critical infrastructure vulnerable. Securing and managing critical infrastructure requires an in-depth understanding of the OT control systems on which it operates,” GHD Digital said (gated content) in its latest report. “This demands a targeted approach with specialized skill sets and tools that address the unique challenges. Government agencies, infrastructure operators, regulatory bodies, cybersecurity professionals, and technology and service providers need to prioritize investment in OT security by creating an ongoing strategy that includes vulnerability assessments, managing patches, and implementing network segmentation.” 

The GHD Digital report said that organizations can significantly mitigate the risk of cyber incidents caused by employee actions by investing in comprehensive cybersecurity awareness and training programs. These programs emphasize the importance of recognizing phishing attempts, safe internet practices, and secure handling of sensitive information. 

Additionally, implementing strong access control measures and regularly updating security policies can help limit opportunities for accidental or intentional breaches, ensuring employees are aware of the risks, as well as equipped to act as the first line of defense against cyber threats. Over the years, many sectors have become more reliant on industrial control systems (ICS), such as Supervisory Control and Data Acquisition (SCADA), Programmable Logic Controllers (PLC), and Distributed Control Systems for monitoring processes and controlling physical devices, such as pumps, valves, motors, and sensors.

The data also highlighted that nation-state actors, with their vast resources and geopolitical motives, compromise the integrity of critical infrastructure components. Meanwhile, cybercriminal groups seek financial gain through ransomware and extortion schemes by exploiting vulnerabilities in interconnected systems. Employees, whether malicious or unwitting, pose an ongoing risk, underscoring the need for robust security measures, constant monitoring, and a proactive defense stance. In fact, about 30 percent of cybersecurity breaches on critical infrastructure are ransomware or other destructive attacks.

GHD Digital pointed out that technological advancements represent a double-edged sword in the context of critical infrastructure cybersecurity. On the one hand, they introduce solutions that enhance the efficiency and functionality of essential systems, driving economic growth and societal progress. However, these same advancements also expand the attack surface, providing cyber adversaries with new vectors and tools to exploit vulnerabilities. Cybersecurity must evolve in tandem as critical infrastructure becomes increasingly interconnected and reliant on cutting-edge technologies like IIoT and cloud computing. 

It mentioned that embracing innovations such as AI for threat detection, blockchain for secure transactions and robust encryption techniques becomes paramount to maintaining the delicate balance between technological progress and the resilience of our critical systems. Also, the convergence of technology and cybersecurity will shape the future of critical infrastructure, determining our ability to defend against evolving digital threats and ensure the continuity of vital services.

The GHD Digital data noted that the adoption of new technologies in critical infrastructure cybersecurity presents various challenges and considerations. Firstly, the rapid evolution of technology often outpaces the assessment and mitigation of associated risks, leaving critical systems vulnerable to exploitation by adversaries. Organizations must strike a balance between embracing innovation and conducting thorough security evaluations to ensure robust risk assessments are an integral part of the implementation process. 

Secondly, the integration of new technologies may necessitate substantial investments in both financial and human resources. Adequate budget allocation for acquiring, maintaining, and updating these technologies is crucial to staying ahead of evolving threats. Additionally, building a proficient cybersecurity workforce capable of effectively managing these advanced tools is essential. 

To combat cyber threats in critical infrastructure, the report calls for ‘a transformative shift.’ Responsibility for tackling today’s threats no longer falls solely on the IT department; rather, it requires a three-pronged approach. Combining technology, human expertise, and collaboration, organizations must cultivate a culture of proactive vigilance, making security a fundamental value integrated into all aspects of work. This collective commitment ensures that cybersecurity is not merely a department’s responsibility but a shared commitment, paving the way for a future where unwavering vigilance and unyielding strength meet evolving threats head-on.

GHD Digital prescribes a structured and adaptable cybersecurity operating model (CSOM) as part of a cybersecurity framework, calling it essential for organizations to manage and mitigate evolving threats. Embedding Security by Design is essential for businesses operating in critical infrastructure sectors. The pressing need for an enterprise-wide cybersecurity capability calls for the development of a CSOM that transcends traditional security protocols. The CSOM integrates security functions into the fabric of an organization and offers a comprehensive view of how these functions interconnect within the enterprise structure.

By breaking down complex processes into logical functions, the CSOM helps organizations understand their current cybersecurity posture and serves as a blueprint for transforming toward a more secure future. With this model, businesses can outline how their key capabilities work together, making sure that security functions collaborate smoothly with operational units and external partners, strengthening defenses against cyber threats in critical infrastructure. 

The report concludes that, in the relentless battle against evolving cyber threats in critical infrastructure, the path to success relies on a shift from mere reaction to a proactive stance, where technology, human expertise, and collaboration converge to forge an unbreakable shield. At its core, the foundation of cybersecurity within an organization rests on proactively anticipating threats and weaving security into every facet of work. Security isn’t just one department’s responsibility; it requires an organization-wide commitment.

Clearly, the future of critical infrastructure security relies on embracing the above principles, leading toward a future where threats are met with unwavering vigilance and strength.
