With industrial control systems (ICS) becoming more connected due to the introduction of operational technology (OT) and industrial internet of things (IIoT), the threat of a successful cyberattack causing major damage could now be a reality. So much so that a new study by Tripwire and Dimensional Research revealed that 66 percent of ICS security professionals now acknowledge that a successful attack could have catastrophic consequences such as an explosion.
The study surveyed ICS security professionals in manufacturing, energy and utilities, transportation and chemical industries and also revealed 93 percent are worried about cyberattacks causing operational shutdown or customer-impacting downtime.
Other key findings include:
- About half (49 percent) said that collaboration between IT and OT has improved over the past two years.
- More indicated that IT is taking the lead on ICS security (44 percent) vs. OT (14 percent); 35 percent said it is evenly split between IT and OT.
- More than three-fourths (79 percent) say there is a gap in training OT and IT staff on the unique needs and requirements for securing OT environments. Of those who made cybersecurity investments over two years (77 percent), education and training was the most common investment (82 percent).
- Only 52% have more than 70% of their assets tracked in an asset inventory.
- Almost one-third (31%) of organizations do not have a baseline of normal behavior for their operational technology (OT) devices and networks.
- Less than half (39%) do not have a centralized log management solution in place for their OT devices.