Critical infrastructure providers struggling to stay secure
Nine in 10 critical infrastructure providers have had their environments damaged by a cyber attack in the last two years, according to research from cybersecurity company Tenable and the Ponemon Institute.
A survey of representatives from critical infrastructure operators from markets including Australia found that 62% had experienced two or more cyber attacks in the past two years. Nearly a quarter (23%) reported falling victim to at least one nation state attack over this time.
Meanwhile, half of organisations experienced an attack in the past two years against operational technology (OT) infrastructure that resulted in equipment downtime.
Factors leaving critical infrastructure providers vulnerable to attack include a lack of visibility into their organisation’s attack surface (cited by 80% of respondents), lack of personnel (61%) and an over-reliance on manual processes (55%).
“OT professionals have spoken — the people who manage critical systems such as manufacturing plants and transportation almost unanimously state that they are fighting off cyber attacks on a regular basis,” Tenable Senior Director of Strategic Initiatives Eitan Goldstein said.
Goldstein said one factor making it challenging for organisations to respond to attacks is the trend of convergence of IT and OT systems, which is exposing once-isolated OT systems to a range of different attack paths.
“Organisations need visibility into their converged IT/OT environments to not only identify where vulnerabilities exist but also prioritise which to remediate first,” he said. “The converged IT/OT cyber problem is one that cybersecurity and critical infrastructure teams must face together.”
Information Technology Professionals Association (ITPA) is a not-for-profit organisation focused on continual professional development for its 18,700 members. To learn more about becoming an ITPA member, and the range of training opportunities, mentoring programs, events and online forums available, go to www.itpa.org.au.
The company has released the Windows 10 Insider Preview Build 19033 in both the fast and slow...
Regulators have taken enforcement action against iiNet, Telstra and Optus for breaching their...
86% of ASX100 companies aren't implementing email security best practices, leaving them...