Tripwire, a provider of security and compliance solutions for enterprises and industrial organisations, has announced the results of a survey examining how organisations are addressing industrial control system (ICS) cyber threats
The survey was conducted by Dimensional Research last month, and its respondents included 263 ICS security professionals at energy, manufacturing, chemical, dam, nuclear, water, food, automotive and transportation organisations.
According to Tripwire’s survey, 93 per cent were concerned about cyberattacks causing operational shutdown or customer-impacting downtime. To prepare against such threats, 77 per cent have made ICS cybersecurity investments over the past two years, but 50 per cent still feel that current investments are not enough.
Kristen Poulos, vice-president and general manager of industrial cybersecurity at Tripwire, said, “Cyberattacks against critical infrastructure and manufacturers pose a real threat to the safety, productivity and quality of operations.”
“In these environments, where virtual and physical converge, cyber events can interfere with an operator’s ability to view, monitor or control their processes. Investing in industrial cybersecurity should be a priority in protecting operations from disruption,” she added.
Of the 50 per cent who felt current investments were not enough, 68 per cent believe it would take a significant attack for their organisations to invest more. Only 12 per cent of all respondents expressed a high level of confidence in their ability to avoid business impact from a cyber event.
In assessing industrial organisations’ current set of basic cybersecurity capabilities, the survey found the following:
-Only 52 per cent have more than 70 per cent of their assets tracked in an asset inventory.
-Almost one-third (31 per cent) of organisations do not have a baseline of normal behaviour for their operational technology (OT) devices and networks.
-Less than half (39 per cent) do not have a centralised log management solution in place for their OT devices.
“Visibility, although the first step, is commonly the biggest hurdle when it comes to protecting ICS environments from cyberattacks. Organisations can gain visibility of their OT networks without disrupting their processes by following methods that meet the unique needs and requirements of OT devices.
“This includes passive monitoring of network traffic to identify assets, and baselining normal activity to spot anomalies, and analysing log data for indications of cyber events. With that visibility, organisations can effectively implement additional protective controls, such as industrial firewalls to segment critical assets and establish secure conduits.”
