- Cybersecurity incidents have increased, with nearly one-third of respondents reporting six or more intrusions, compared to 11% last year.
- Responsibility for OT cybersecurity is shifting to executive leadership roles, highlighting its growing importance at the board level.
- OT security postures are maturing, with progress in visibility and segmentation, but the impact of intrusions and the need for comprehensive protection remain critical issues.
The 2024 State of Operational Technology and Cybersecurity Report reveals a significant rise in cybersecurity incidents, with nearly one-third of respondents experiencing six or more intrusions, up from 11% last year. This increase is notable in organizations with advanced maturity levels, with phishing and compromised business email being the most common intrusion types. Despite advancements in OT security, visibility within central cybersecurity operations has decreased, indicating a need for better awareness and management of blind spots.
Responsibility for OT cybersecurity is increasingly being assigned to executive leadership roles such as the VP or director of networking engineering/operations and the Chief Information Security Officer (CISO). This shift underscores the growing importance of OT security at the board level. The report also notes a reversal in organizations not planning to move OT security under the CISO, highlighting a more proactive approach to managing cybersecurity responsibilities.
While OT security postures are maturing, with more organizations establishing visibility and segmentation, the report indicates that intrusions and their impacts have worsened across all categories. This includes operational outages affecting productivity, revenue, and physical safety and the loss of business-critical data. The need for comprehensive protection and ongoing vigilance is emphasized, as OT systems remain attractive targets for cyber attackers.
To address these challenges, the report recommends best practices such as deploying network segmentation, establishing visibility and compensating controls for OT assets, integrating OT into security operations, and embracing OT-specific threat intelligence and security services. These measures are crucial for improving OT security postures and effectively managing the increasing volume of targeted attacks against OT systems.
Leave a Reply
You must be logged in to post a comment.