What a Recent Survey Says About OT Security and How It Can Improve

As manufacturing and industrial environments adopt new technologies to improve productivity, bad actors are taking note. The addition of more connected systems and devices creates additional entry points for cybercriminals to exploit.

Integrating automation and artificial intelligence (AI) into processes can also bring new vulnerabilities to the surface. As a result, industrial cyberattacks are becoming more common. There’s been an obvious rise in threats, according to Deloitte. Amid the 400% increase in IoT malware attacks across various industries, manufacturing has been the most-targeted sector.

Given these challenges, how are industrial companies managing cybersecurity? What investments and measures are global players in the industry relying on to bolster their OT cybersecurity efforts? To find out, we worked with Omdia to survey more than 300 cybersecurity decision-makers from large global companies. We share some of our findings here, along with recommendations for improvement based on what the survey uncovered.

Why OT security must evolve now

OT systems weren’t originally designed to withstand external attacks, and IT-OT convergence brings even more challenges. As we mentioned above, however, as automation enters the world of manufacturing, cybersecurity efforts must evolve to address the unique obstacles it introduces.

In addition, the potential outcomes associated with compromised OT systems, such as injury to workers, environmental hazards and other damage, make OT security a topic with major social implications.

But the diversity of OT networks has made it difficult to develop suitable security concepts that apply to everyone. Each industry has different standards and multi-layered supply chains. This is why numerous legal initiatives, such as NIST (USA) and NIS 2 (EU), now exist. They’re intended to enforce general security standards across the board, helping industrial environments create a cybersecurity foundation they can build on.

3 Critical findings about OT security

Based on what cybersecurity leaders shared with us in our survey, there are three important findings that can help us understand where the industry stands with digitalization and cybersecurity.

1. There’s room for improvement when it comes to visibility

Visibility—having a clear understanding of the cybersecurity landscape—is critical to implement and track targeted technical, organizational and procedural measures. But only 63% of survey respondents stated that having visibility of all their devices is “very important” to guarding against cyberattacks. It’s clear that not all companies yet recognize the importance of visibility.

This conveys that there may be a gap in awareness or understanding about the critical role visibility plays in improving cybersecurity. Being able to “see” all your devices makes it easier to identify and address threats promptly.

2. Next-gen firewalls with DPI should be more of a priority

Traditional firewalls only fulfill the task of preventing certain traffic on certain ports. This is no longer sufficient for modern cybersecurity. But when it comes to next-gen firewalls, only 43% of participants said they’re “very important.”

These devices feature deep packet inspection (DPI), meaning that the contents of the communication that passes through the firewall are also analyzed. This means next-gen firewalls can detect threats that may bypass traditional firewalls.

3. Cyber assessments need to be conducted more often

Because cybersecurity is a continuous process, conducting regular cybersecurity assessments is fundamental to guiding security strategies, making decisions about security architecture and solutions, and prioritizing security measures.

While companies should conduct cyber assessments at least quarterly, just over half the respondents say they conduct cyber assessments at least this often.

6 Recommendations to improve your OT security

Based on the results of our survey, we created this list of recommendations to guide your future-oriented OT security efforts.

1. Conduct a cybersecurity assessment at least quarterly to make sure you’re focused on the right risk mitigation efforts. These assessments should include risk identification, compliance checks, evaluation of existing security controls, etc.
   
   
2. Establishing visibility and awareness across your entire network and associated processes is key to building a strong cybersecurity foundation. To do this, consider implementing comprehensive monitoring tools so you can analyze network traffic, activities and behaviors in real-time.
   
   
3. Implement defense-in-depth strategies that address the evolving threat landscape. This means using multiple layers of security and relying on a variety of tactics to respond to a wide range of attacks.
   
   
4. Taking a holistic approach to cybersecurity helps you protect your organization’s entire infrastructure. Bring IT and OT expertise together through shared processes and cross-team collaboration to unify security.
   
   
5. Invest in customized cybersecurity architectures. They typically lead to better resilience than siloed, best-in-class approaches. They can address your unique needs, risks and requirements.
   
   
6. Protect every layer of your OT environment, from the I/O block to the cloud.

Want to review the full results of our survey?

Download the white paper

Related links:

• White paper: Moving Beyond Visibility
• OT Cybersecurity Checkup: 300 Leaders Weigh in on Progress
• IT Security vs. OT Security: What Are The Key Differences?