TÜV Rheinland releases findings from industrial security report
TÜV Rheinland has released findings from ‘The 2020 Study on the State of Industrial Security’ report, which was produced in conjunction with The Ponemon Institute. The research serves to understand cyber risks across a broad spectrum of industries and the steps organisations are taking to reduce cyber risk in the operational technology (OT) environment.
2258 cybersecurity practitioners were surveyed across the following industries: automotive, oil and gas, energy and utilities, health and life science, industrial manufacturing and logistics and transportation. All respondents are responsible for securing or overseeing cyber risks in the OT environment and are aware of how cybersecurity threats could affect their organisation.
The research shows that over half of respondents (57%) believe there will be one or more serious attacks within the OT environment. Almost half (49%) say it is difficult to mitigate cyber risks across the OT supply chain, and 48% feel that cyber threats present a greater risk in the OT than the IT environment.
Other key findings include:
47% of respondents say OT technology-related cybersecurity threats have increased in the past year. The top three cybersecurity threats cited are phishing and social engineering, ransomware and DNS-based denial of service attacks. One-third of respondents say such exploits have resulted in the loss of OT-related intellectual property.
Fewer than half of respondents are confident in their ability to respond to and contain a security exploit or breach (48%), continually monitor the infrastructure to prioritise threats and attacks (47%) and pinpoint sources of attacks and mobilise the right set of technologies and resources to remediate the attack.
More than half (52%) of respondents say vulnerable software is creating risks in the OT environment.
63% of respondents say OT and IT security risk management efforts are not coordinated, making it difficult to achieve a strong security posture in the OT environment.