Reduce Business Disruption - Make Cyber Security A Priority

Uploaded on 2019-10-23 in FREE TO VIEW, BUSINESS-Production-Utilities, BUSINESS-Production-Manufacturing

Ninety-three percent of Industrial Control Systems (ICS) security professionals are very concerned about cyber-attacks causing operational shutdown or customer-critical downtime. In an effort to prepare against such threats, 77% have made ICS cyber security investments over the past two years, but 50% still feel that current investments are not enough.
 
This is from a recent survey for Tripwire conducted by Dimensional Research and its respondents included 263 ICS security professionals at energy, manufacturing, chemical, dam, nuclear, water, food, automotive and transportation organisations shows these sever results.
 
“Cyber-attacks against critical infrastructure and manufacturers pose a real threat to the safety, productivity and quality of operations..... In these environments, where virtual and physical converge, cyber events can interfere with an operator’s ability to view, monitor or control their processes. Investing in cyber-security should be a priority in protecting operations from disruption.” said  Kristen Poulos, vice president and general manager of industrial cybersecurity at Tripwire speaking to HelpNetSecurity
 
Of the 50% who felt current investments were not enough, 68% believe it would take a significant attack in order for their organisations to invest more. Only 12% of all respondents expressed a high level of confidence in their ability to avoid business impact from a cyber event. 
 
In assessing industrial organisations’ current set of basic cyber-security capabilities, the survey found the following:
 
• Only 52% have more than 70% of their assets tracked in an asset inventory.
• Almost one-third (31%) of organisations do not have a baseline of normal behavior for their operational technology (OT) devices and networks.
• Less than half (39%) do not have a centralised log management solution in place for their OT devices.
Poulos added: “Visibility, although the first step, is commonly the biggest hurdle when it comes to protecting ICS environments from cyber-attacks.
 
Organisations can gain visibility of their OT networks without disrupting their processes by following methods that meet the unique needs and requirements of OT devices. “This includes passive monitoring of network traffic to identify assets, and baselining normal activity to spot anomalies, and analysing log data for indications of cyber events.....With that visibility, organisations can effectively implement additional protective controls, such as industrial firewalls to segment critical assets and establish secure conduits.” said Poulos
 
Additional findings include:
 
• About half (49%) said that collaboration between IT and OT has improved over the past two years.
• More indicated that IT is taking the lead on ICS security (44%) vs. OT (14%); 35% said it is evenly split between IT and OT.
• More than three-fourths (79%) say there is a gap in training OT and IT staff on the unique needs and requirements for securing OT environments. 
 
Of those who made cyber-security investments over two years (77%), education and training was the most common investment (82%) and GoCyber is one we at Cyber Security Intelligence (CSI) recommend. 
 
For information and adcice on Cyber Traing please contact Cyber Security Intelligence.
 
Tripwire:           Help Net Security:
 
You Might Also Read:
 
Five Trends In Attacks On Industrial Control Systems:
 
 
« Just A Normal Day At The Office For Huawei
Small & Medium Businesses Are Under Increasing Risk Of Attack »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

SC Media

SC Media

SC Media arms information security professionals with the in-depth, unbiased business and technical information they need to tackle the countless security challenges they face.

Freshfields Bruckhaus Deringer

Freshfields Bruckhaus Deringer

Freshfields Bruckhaus Deringer is a global law firm with a track record of successfully supporting the world's leading corporations, financial institutions and governments.

CONCERT

CONCERT

CONCERT is a Computer Emergency Response Team and cyber security information sharing network for companies, institutes and government in Korea.

Technology Industries of Finland (TIF)

Technology Industries of Finland (TIF)

Technology Industries of Finland (TIF) is a business and labour market lobbying organization that promotes the competitiveness and business conditions of Finland’s most crucial export industry.

NNIT

NNIT

NNIT​ is one of Denmark’s leading consultancies in IT development, implementation and operations, including cyber security.

Rule4

Rule4

Rule4 is a global professional services firm that provides practical, real-world knowledge and solutions in areas including cybersecurity, AI, Machine Learning and industrial control systems.

EPIC Insurance Brokers & Consultants

EPIC Insurance Brokers & Consultants

EPIC is an insuarnce broker and consultancy firm. Risk management services include risk consultancy and cybersecurity insurance.

Samurai Digital Consulting

Samurai Digital Consulting

Samurai Digital Security are a cyber and Information security services provider, specialising in penetration testing, incident response, user awareness and information governance solutions.

Trusted Security Solutions (TSS)

Trusted Security Solutions (TSS)

TSS are specialist in IT Security and providing Cybersecurity Solutions & Services combined with storage and backup.

Hub71

Hub71

Hub71 is a world-class tech ecosystem opening doors to global opportunities from an optimal business environment for entrepreneurial-minded innovators.

FourNet

FourNet

FourNet is an award-winning provider of cloud and managed services; we work closely with our clients to enable digital transformation across their organisation.

Wadilona Cyber Securities

Wadilona Cyber Securities

Wadilona Cyber Securities' sole aim is to bring and secure Information and Communications Technology (ICT) to and work for humans in its simplest terms.

NetScout Systems

NetScout Systems

NetScout assures digital business services against disruptions in availability, performance, and security.

CloudGuard

CloudGuard

CloudGuard is an AI-driven XDR platform that helps organisations to proactively detect and automatically remediate threats in real-time.

Aurascape AI

Aurascape AI

Aurascape is working on advanced cybersecurity solutions powered by grounds-up generative AI architecture.

Cassini

Cassini

Cassini Cyber Threat Intelligence (CTI) helps protect your organisation from cyber attacks using threat intelligence from trusted New Zealand agencies.