75 percent of industrial companies fall victim to a ransomware attack


Three out of four industrial companies worldwide fell victim to a ransomware attack last year. This is one of the findings of the new report “The Global State of Industrial Cybersecurity 2023: New Technologies, Persistent Threats, and Maturing Defenses.”

The report shows that ransomware attacks are increasingly impacting OT environments. In the previous study from 2021, 32 percent of ransomware attacks affected IT only, while 27 percent affected both IT and OT. In 2023, 21 percent of ransomware attacks were limited to IT, while 37 percent affected both IT and OT. This represents a significant increase of 10 percentage points over the last two years and highlights the growing attack surface and increasing risk of business disruption associated with IT/OT convergence.

Financial impact

In addition to the increasing operational impact of ransomware, the financial impact remains significant. 69 percent of companies affected by ransomware attacks last year paid the ransom demanded, which resulted in financial losses of over USD 100,000 for more than half of them. Accordingly, demand for cyber insurance is increasing: a large majority (80%) of companies have purchased cyber insurance, with about half (49%) choosing a policy with coverage of half a million dollars or more.

The increasing pressure to combat threats and the risk of financial loss are compounded by the integration of new technologies into OT environments. 61 percent of respondents currently use security tools that use generative AI. However, this increases security concerns for one in two (47%).

Given these challenges brought about by combating ransomware and integrating new technologies, there is a growing need for industry regulations and standards that guide OT security priorities and investments. 43 percent of German companies surveyed said TSA security guidelines have the greatest impact on the company's security priorities and investments, followed by ISA/IEC-62443 (40%) and NERC CIP (37%). NIS2, which comes into force next year, plays a decisive role in only 30 percent.

Visible progress

Although implementing generative AI currently takes time and resources, there are some advances and developments to close process and technology gaps:

  • Network segmentation is essential to reducing the lateral movement of cyberattacks (including from IT to OT). 77 percent of those surveyed describe their approach to this as “appropriate” or “mature”.
  • Vulnerability and risk management: 78 percent of respondents describe their approach to identifying vulnerabilities as “adequate” or “extremely” proactive – a significant increase from 66 percent in 2021. However, the speed at which vulnerabilities are discovered and patches are released is outpacing organizations' ability to fix them. Companies therefore use a range of risk assessment methods to prioritize. The most common methods are the Common Vulnerability Scoring System (CVSS), used by 52 percent of respondents worldwide, followed by the risk assessments of existing security solutions (49%), the Exploit Prediction Scoring System (EPSS) (46%) and the Known Exploited Vulnerabilities (KEV) Catalog (45%).
  • Planned measures: The top OT security initiatives respondents plan to implement in the next year are risk assessment (43%), closely followed by asset, change and/or lifecycle management (40%) and vulnerability management (39%).
More at Claroty.com

 


About Claroty

Claroty, the Industrial Cybersecurity Company, helps its global customers discover, protect and manage their OT, IoT and IIoT assets. The company's comprehensive platform can be seamlessly integrated into customers' existing infrastructure and processes and offers a wide range of industrial cybersecurity controls for transparency, threat detection, risk and vulnerability management and secure remote access - with significantly reduced total cost of ownership.


 
