New Cisco Research Shows OT Security is a High Priority for Industrial Organizations

by Amy Larsen DeCarlo, posted in Secure
Amy Larsen DeCarlo – Principal Analyst, Security and Data Center Services

Summary Bullets:

• In a survey of more than 1,000 large industrial organizations, Cisco finds that 89% of all organizations label OT cybersecurity as either very or extremely important.

• Eighty-seven percent (87%) say that they will have a unified cybersecurity approach by 2026 for information technology (IT) and operational technology (OT) networks.

A rash of high-profile cyberattacks on industrial organizations is driving a renewed understanding of the criticality of having an effective security strategy. In its survey of decision makers from 1,000 large organizations, Cisco notes that the overwhelming majority label cybersecurity as a top priority. Many – 37% – see cybersecurity risks as a barrier to growth. Forty percent (40%) worry about the scarcity of skilled workers stalling expansion plans.

In its mid-year report, the OT security provider Otorio reports that 88% of security professionals have cited serious disruption in their OT environments over the last 12 months due to cyberattacks. Seventy-five percent (75%) say their level of anxiety about the level of risk to their OT environments is higher than it was a year ago.

Enterprises recognize the importance of modernizing their industrial infrastructures. The Cisco research has revealed most organizations are increasing their OT investments, with 63% saying raising infrastructure spending. Sixteen percent (16%) are significantly increased spending this year. The number increases in correspondence the larger the companies’ revenues are. Twenty-four percent (24%) of enterprises with revenues over $30 billion made a substantial OT infrastructure investment increase in the last year.

Forty-one percent (41%) of decision makers say the most critical security issues are associated with vulnerabilities in legacy systems and outdated software. Forty percent (40%) note malware and ransomware attacks against OT, and industrial control systems were the biggest risks to operational continuity.

There is an increasingly understanding their needs to be more of a collaborative approach to IT and OT security. Twenty-seven percent (27%) of those surveyed by Cisco say limited SOC visibility into OT security policies have put their environments at risk. Eighty-seven percent (87%) say that by 2026, there will be a significant benefit in having a consolidated cybersecurity construct for IT and OT networks. The number is even higher among executives – 92%.

While the direction is clear, it is also apparent that organizations have a long and complicated road to travel before they arrive at that more collaborative destination. That said, there is no shortage of guidance available to all parties through standards bodies, governments, and non-profits. The obvious first step is to get OT and IT professionals talking through organized working groups, overseen directly by executives.

Leave a Reply