Critical infrastructure has increasingly come under attack, and businesses are facing significant challenges as the geopolitical landscape becomes increasingly tense, new research from cloud-enabled security solutions provider Barracuda Networks has found.
Organisations recognise the importance of security on industrial internet of things (IIoT) and operational technology (OT), but security breaches have resulted in monetary losses, significant downtime for organisations.
“In the current threat landscape, critical infrastructure is an attractive target for cybercriminals, but unfortunately IIoT/OT security projects often take a backseat to other security initiatives or fail due to cost or complexity, leaving organisations at risk,” said Tim Jefferson, senior vice president, engineering for data, networks and application security, Barracuda. “Issues such as the lack of network segmentation and the number of organisations that aren’t requiring multifactor authentication leave networks open to attack and require immediate attention.”
Organisations across the board have acknowledged the importance of investing even further in IIoT and OT security, with 96 percent of business leaders noting that their organisation needs to increase their investment in industrial security. A full 72 percent of organisations signaled that they have either already implemented or are in the process of implementing IIoT/OT security projects, but many are facing significant challenges when it comes to implementation, including basic cyber hygiene.
However, 93 percent have failed in their IIoT/OT security projects. For organisations with completed IIoT and OT security projects, 75 percent have experienced no impact at all from a major incident.
IIoT and OT security continue to be a major target for attackers, but there is hope for businesses that take a proactive approach. Businesses should implement tools to combat these challenges, including the use of secure endpoint connectivity devices and ruggedised network firewalls, all centrally deployed and managed via a secure cloud service that can enable effective network segmentation and advanced threat protection, provide multifactor authentication, and even implement Zero Trust Access.
“IIoT attacks go beyond the digital realm and can have real-world implications,” said Klaus Gheri, VP Network Security, Barracuda. “As attacks continue to rise across industries, taking a proactive security approach when it comes to industrial security is critical for businesses to avoid being the next victim of an attack.”
