By Eric Ehlers
Cybersecurity attacks continue to rise in the operations technology (OT) sector, and assaults are expected to expand from the enterprise side of the network onto OT over the next year.
That information came from Cisco’s Annual Security Report, whose findings include some important insights for the industrial sector.
Trends were observed over the past 12-28 months and come from research by various partners as well as a survey of 3,600 chief security officers and security operations managers across 26 countries.
Key findings in the report include:
• Malware is becoming more sophisticated, and attacks are not always holding systems and data hostage but actually eliminating that information
• Attacks can persist across computers on a large scale, for months or even years
• Automation, machine learning, and artificial intelligence are being more widely implemented to help teams overcome the security skills gap in the organization, as well as to assist these teams in identifying threats and responding accordingly
The report also notes that Internet of Things (IoT) deployments continue to grow, but so does the threat landscape.
IoT botnets continue to grow and become more mature, and on top of that, 2017 saw an increase in DDoS attacks.
Adding to the growing issue, 30 percent of the security professionals surveyed saw an attack on their OT infrastructure, while 38 percent noted they expect the attacks to expand from the enterprise side of the network onto the OT network within the next year.
Within the manufacturing sector, 45 percent of respondents noted they upgrade their security infrastructure on a regular basis, but were not always equipped with the latest technologies. Fifty-eight percent felt the tools they have in place for the industrial zone were very efficient, and 53 percent of those surveyed were employing a defense-in-depth strategy within the industrial zone.
The top three elements viewed as critical to an overall industrial security strategy were virus protection, encryption, and port security. Orchestration of alerts and the from multiple vendors and products across organizations was noted as a continued challenge, in addition to the talent gap created by a lack of skilled security professionals.
The report also notes some important steps that can help organizations stay ahead of potential threats for Industrial Control Systems (ICS) including:
• Review vendors and systems, and check that all patches are up to date and implemented promptly
• Reduce the use of USBs/DVD drives
• Isolate OT systems from IT networks and direct connections between the two
• Implement policies that limit the use of ICS networks to essential operations only
• Research and eliminate embedded or default passwords in the production network and implement two-factor authentication where possible
• Review plans for disaster recovery on a regular basis
Feel free to download the full report.