Critical Infrastructure Cyber Attacks a Greater Concern than Enterprise Data Breaches for Three in Four IT Security Professionals


Research Reveals Practitioners’ Attitudes and Concerns Around Operational Technology (OT) Security

Claroty has released research into the state of industrial cybersecurity worldwide, which found that 74% of IT security professionals globally are more concerned about a cyber attack on critical infrastructure than an enterprise data breach. An independent survey of 1,000 full-time IT security professionals was carried out in the United States, United Kingdom, Germany, France, and Australia to determine the attitudes and concerns of IT security professionals related to OT security.

Looking at an overall picture of the security of industrial networks, the survey found that 62% of global respondents believe that industrial networks are properly safeguarded against cyber attacks and that 60% believe their country’s critical infrastructure is adequately protected.

However, some regions are more confident than others. Respondents from Australia (93%) and Germany (96%) are much more confident in the overall safety of industrial networks versus respondents from the U.K., U.S. and France. They are also more confident that their country’s critical infrastructure is properly secured against cyber attacks, with 90% of respondents from Australia and 99% from Germany saying that they are adequately protected.

“While IT and OT convergence unlocks business value in terms of operations efficiency, performance, and quality of services, it can now be detrimental because threats, both targeted and non-targeted, now have the freedom to manoeuvre from IT to OT environments and vice versa,” said Dave Weinstein, Chief Security Officer of Claroty. “Our mission is to help security practitioners to bridge the gap between IT and OT cybersecurity, ensuring that all bases are protected from cyber attack. This is even more critical in this new normal of largely remote workforces, which create additional burden on Chief Information Security Officers to remotely secure their production environments.”

In terms of industries and direct threats, the research found that globally, 45% of IT security professionals see electric power as the most vulnerable sector of critical infrastructure, followed by oil and gas (21%). Furthermore, 43% would put hacking at the top of the list of threats to industrial networks that they are most concerned about, followed by ransomware (33%).

The survey also explored whose responsibility it is to protect critical infrastructure from cyber attack, and the results weighed heavily in favour of government over the private sector. In fact, 100% of respondents from Germany believe it is the government’s responsibility, followed by Australia (98%), the U.K. (91%), France (89%), and the U.S. (87%).

Claroty improves the availability, safety, and reliability of OT assets and networks within industrial enterprises and critical infrastructure. The Claroty Platform provides comprehensive OT asset and network visibility, segmentation, vulnerability management, threat detection, risk assessment, and Secure Remote Access capabilities (SRA) — all within a single, agentless solution. Unique to Claroty, SRA provides a single, secure, and clientless interface through which all external users connect prior to performing software upgrades, periodic maintenance, and other support activities on assets within OT networks. This is all enriched by the company’s award-winning OT security research department.

The Global State of Industrial Cybersecurity report is available here.