Reduce Business Disruption - Make Cyber Security A Priority

Uploaded on 2019-10-23 in FREE TO VIEW, BUSINESS-Production-Utilities, BUSINESS-Production-Manufacturing

Ninety-three percent of Industrial Control Systems (ICS) security professionals are very concerned about cyber-attacks causing operational shutdown or customer-critical downtime. In an effort to prepare against such threats, 77% have made ICS cyber security investments over the past two years, but 50% still feel that current investments are not enough.
 
This is from a recent survey for Tripwire conducted by Dimensional Research and its respondents included 263 ICS security professionals at energy, manufacturing, chemical, dam, nuclear, water, food, automotive and transportation organisations shows these sever results.
 
“Cyber-attacks against critical infrastructure and manufacturers pose a real threat to the safety, productivity and quality of operations..... In these environments, where virtual and physical converge, cyber events can interfere with an operator’s ability to view, monitor or control their processes. Investing in cyber-security should be a priority in protecting operations from disruption.” said  Kristen Poulos, vice president and general manager of industrial cybersecurity at Tripwire speaking to HelpNetSecurity
 
Of the 50% who felt current investments were not enough, 68% believe it would take a significant attack in order for their organisations to invest more. Only 12% of all respondents expressed a high level of confidence in their ability to avoid business impact from a cyber event. 
 
In assessing industrial organisations’ current set of basic cyber-security capabilities, the survey found the following:
 
• Only 52% have more than 70% of their assets tracked in an asset inventory.
• Almost one-third (31%) of organisations do not have a baseline of normal behavior for their operational technology (OT) devices and networks.
• Less than half (39%) do not have a centralised log management solution in place for their OT devices.
Poulos added: “Visibility, although the first step, is commonly the biggest hurdle when it comes to protecting ICS environments from cyber-attacks.
 
Organisations can gain visibility of their OT networks without disrupting their processes by following methods that meet the unique needs and requirements of OT devices. “This includes passive monitoring of network traffic to identify assets, and baselining normal activity to spot anomalies, and analysing log data for indications of cyber events.....With that visibility, organisations can effectively implement additional protective controls, such as industrial firewalls to segment critical assets and establish secure conduits.” said Poulos
 
Additional findings include:
 
• About half (49%) said that collaboration between IT and OT has improved over the past two years.
• More indicated that IT is taking the lead on ICS security (44%) vs. OT (14%); 35% said it is evenly split between IT and OT.
• More than three-fourths (79%) say there is a gap in training OT and IT staff on the unique needs and requirements for securing OT environments. 
 
Of those who made cyber-security investments over two years (77%), education and training was the most common investment (82%) and GoCyber is one we at Cyber Security Intelligence (CSI) recommend. 
 
For information and adcice on Cyber Traing please contact Cyber Security Intelligence.
 
Tripwire:           Help Net Security:
 
You Might Also Read:
 
Five Trends In Attacks On Industrial Control Systems:
 
 
« Just A Normal Day At The Office For Huawei
Small & Medium Businesses Are Under Increasing Risk Of Attack »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Assure Technical

Assure Technical

Assure Technical offers a holistic approach to Technical Security. Our expertise and services span across the Physical, Cyber and Counter Surveillance domains.

Cato Networks

Cato Networks

Cato connects your branch locations, physical and cloud datacenters, and mobile users into a secure and optimized global network in the cloud.

Cleafy

Cleafy

Cleafy protects web and mobile applications from tampering attempts and deploys countermeasures to guarantee data and content integrity at scale.

CyberWarrior

CyberWarrior

CyberWarrior deliver training and consulting for some of the world’s top brands and also partner with national systems integrators to augment their teams with our expertise.

CounterCraft

CounterCraft

The CounterCraft Cyber Deception Platform fits seamlessly into existing security strategies and delivers high-end deception for threat hunting and threat detection.

Swisscom Blockchain

Swisscom Blockchain

Swisscom Blockchain is focused on supporting the implementation and adaption of Blockchain-based platforms in enterprises across diverse industries.

InfoLock

InfoLock

Infolock are experts in data governance, providing consulting and advisory services that help organizations effectively secure, manage, and optimize their data.

MCPc

MCPc

MCPc improves the security and well-being of our clients. We protect data, manage the complexity and sustainability of technology, empower employee performance, and ultimately reduce business risk.

Digital Pathways

Digital Pathways

Digital Pathways is an award-winning data security provider that helps businesses protect their digital assets.

Mitnick Security

Mitnick Security

Mitnick Security is a leading global provider of information security consulting and training services.

LocateRisk

LocateRisk

LocateRisk provides more efficiency, transparency and comparability in IT security with automated, KPI-based IT risk analyses.

LogicGate

LogicGate

The LogicGate Risk Cloud™ is an agile GRC cloud solution that combines powerful functionality with intuitive design to enhance enterprise GRC programs.

Parablu

Parablu

Parablu is a leading provider of data security and resiliency solutions for the digital enterprise.

Silk Security

Silk Security

Silk is the first platform that enables enterprises to take a strategic, sustainable approach to resolving code, infrastructure and application risk.

Daisy Corporate Services

Daisy Corporate Services

Daisy is one of the largest providers of communications and IT solutions across the UK, with a portfolio spanning unified communications, cloud, cyber security and resilience.

Backblaze

Backblaze

The Backblaze Storage Cloud provides a foundation for businesses, developers, IT professionals, and individuals to build applications, host content, manage media, back up and archive data, and more.