- Organizations experienced a significant increase in cyber intrusions targeting operational technology (OT), with 31% reporting six or more intrusions compared to 11% last year. These attacks resulted in worsened impacts, including operational outages, brand degradation, and loss of critical data.
- There has been a notable shift in responsibility for OT cybersecurity, with more organizations placing this role under CISOs or senior executives, indicating OT security’s growing importance at the board level.
- While OT security postures have matured, with improvements in visibility and segmentation, organizations still struggle to keep pace with escalating cyberattacks, highlighting the need for better detection methods and more robust protection strategies.
The 2024 State of Operational Technology and Cybersecurity Report reveals an alarming rise in OT system intrusions, with nearly one-third of respondents reporting six or more attacks in the past year, up significantly from the previous year. These intrusions had severe consequences, including operational outages affecting productivity and revenue, brand damage, and loss of sensitive data. The increase in phishing, ransomware, and business email compromises, alongside the growing sophistication of attacks, underscores the expanding threat landscape that OT environments face.
The report also shows a clear shift in leadership responsibility for OT security, with more organizations assigning this role to senior executives like CISOs or VPs of networking operations. This shift reflects the growing recognition of OT security as a critical issue requiring attention at the highest levels of leadership. However, despite these advancements, organizations still face significant challenges in detection and intrusion prevention, with many failing to integrate OT systems into broader risk management strategies fully.
While OT security postures are maturing, with improvements in visibility, segmentation, and access controls, the increase in successful intrusions reveals that more work is needed. The report emphasizes the importance of adopting a comprehensive security architecture, better aligning OT and IT security efforts, and enhancing internal cybersecurity training to address the evolving cyber risks targeting OT systems.
Leave a Reply
You must be logged in to post a comment.