Report on the state of IIoT and OT security

August 19, 2022
| No comments
Report on the state of IIoT and OT security

Share post

Network and cloud security specialist Barracuda publishes its report on the state of IIoT and OT security "The State of Industrial Security in 2022". Manufacturing and health care bring up the rear when it comes to completed security projects. 800 IIoT/OT managers answered the survey.

Cloud security specialist Barracuda surveyed 800 senior IIoT/OT managers worldwide about their experiences and views regarding IIOT/OT security in their companies. With the current report, Barracuda presents the results around IIoT/OT security projects, implementation challenges, security incidents and technology investments as well as topics related to cybersecurity risks The State of Industrial Security in 2022 .

Increase KRITIS as an attack target

Critical infrastructures are increasingly being targeted by cybercriminals. Despite the now prevailing realization that IIoT and OT security (Industrial Internet of Things/Operational Technology) are of crucial importance, companies and organizations face considerable challenges in view of the increasingly tense geopolitical situation. Security breaches go beyond financial loss and result in significant downtime with long-lasting consequences.

Key results of the survey

  • Attacks are widespread: 94 percent of the companies surveyed said they had experienced a security incident in the last 12 months.
  • Geopolitical Concerns: 89 percent of respondents are very or fairly concerned about the impact that the current threat landscape and geopolitical situation will have on their organizations.
  • Security breaches impact operations: 87 percent of organizations affected by an incident were impacted for more than a day.

Organizations across all industries have recognized the importance of making necessary investments in IIoT and OT security. 96 percent of business leaders said they need to increase their investment in industrial security. 72 percent of the companies reported that they had either already implemented IIoT/OT security projects or were in the process of implementing them.

Significant implementation challenges

  • Manufacturing and healthcare are lagging behind: companies with critical infrastructure are leading the way in implementation, 50 percent in the oil and gas industry have completed projects. In manufacturing, only 24 percent and in healthcare only 17 percent have completed their projects.
  • Organizations are failing: 93 percent have failed with their IIoT/OT security projects.
  • Effective IIoT security implementations make an impact: For companies with completed IIoT and OT security projects, 75 percent have not experienced any impact from a major incident.
  • Multi-factor authentication (MFA) usage is low: Only 18 percent of surveyed organizations restrict network access and enforce multi-factor authentication when it comes to remote access to OT networks.
  • Low MFA usage is widespread even in critical industries: Critical industries such as energy (47 percent) allow external users full remote access without MFA.
  • Qualifications matter: less than half of the companies surveyed can perform security updates themselves (49 percent).
  • Manual updates are tedious: Organizations are hit hardest when security updates aren't automatic.

🔎 More IIoT security is only a question of costs to a limited extent (Image: Barracuda).

IIoT and OT security is still a big target for attackers. Therefore, it is imperative that organizations implement tools to address these challenges, including the use of secure endpoint connectivity devices and robust network firewalls. Everything should be provided centrally and managed via a secure cloud service. This should enable effective network segmentation and advanced threat protection, provide multi-factor authentication and also be able to implement Zero Trust Access.

The number of attacks continues to increase

"In the current threat landscape, critical infrastructures are an attractive target for cybercriminals, but unfortunately IIoT/OT security projects often take a backseat to other security initiatives, fail because of the costs or are simply too complex, leaving companies at high risk of attack", says dr Klaus Gheri, VP Network Security, Barracuda. "Issues like the lack of network segmentation and the number of organizations that don't require multi-factor authentication leave networks open to attack and require immediate attention." IIoT attacks have gone beyond the digital realm and could have real impact, says Gheri. As the number of attacks increases across all industries, a proactive security approach to industrial security is critical for organizations to avoid being the next victim of an attack.

More at Barracuda.com

 

Via Barracuda Networks

Striving to make the world a safer place, Barracuda believes that every business should have access to cloud-enabled, enterprise-wide security solutions that are easy to purchase, implement and use. Barracuda protects email, networks, data and applications with innovative solutions that grow and adapt as the customer journey progresses. More than 150.000 companies worldwide trust Barracuda to help them focus on growing their business. For more information, visit www.barracuda.com.

 

Matching articles on the topic

Report: 40 percent more phishing worldwide

The current spam and phishing report from Kaspersky for 2023 speaks for itself: users in Germany are after ➡ Read more

IT security: NIS-2 makes it a top priority

Only in a quarter of German companies do management take responsibility for IT security. Especially in smaller companies ➡ Read more

Data manipulation, the underestimated danger

Every year, World Backup Day on March 31st serves as a reminder of the importance of up-to-date and easily accessible backups ➡ Read more

Printers as a security risk

Corporate printer fleets are increasingly becoming a blind spot and pose enormous problems for their efficiency and security. ➡ Read more

Cyber ​​attacks increase by 104 percent in 2023

A cybersecurity company has taken a look at last year's threat landscape. The results provide crucial insights into ➡ Read more

Mobile spyware poses a threat to businesses

More and more people are using mobile devices both in everyday life and in companies. This also reduces the risk of “mobile ➡ Read more

Crowdsourced security pinpoints many vulnerabilities

Crowdsourced security has increased significantly in the last year. In the public sector, 151 percent more vulnerabilities were reported than in the previous year. ➡ Read more

Digital Security: Consumers trust banks the most

A digital trust survey showed that banks, healthcare and government are the most trusted by consumers. The media- ➡ Read more

Barracuda, Stories
, , , , ,