A recent study conducted by Opswat revealed that while cybersecurity budgets have seen an increase in recent years, a significant portion of these investments are still primarily focused on traditional business systems such as IT. Holger Fischer, the director of sales for EMEA Central at Opswat, emphasized the need for a shift in focus towards industrial control systems (ICS) and operational technology (OT) environments in order to better protect companies from cyberthreats.
Fischer pointed out that the current emphasis on IT security leaves ICS/OT environments vulnerable to cyberattacks, ultimately putting the entire company at risk. He emphasized the importance of a more holistic approach to cybersecurity that includes securing industrial control systems and operational technology.
The study also highlighted the need for a cross-sector security strategy, as nearly three out of every five respondents reported that attacks on OT networks often originated from compromises in the IT infrastructure. Other common attack vectors included internet-connected devices, compromise of engineering workstations, and exploited publicly accessible applications.
According to the study, 33% of attacks on OT networks were traced back to internet-connected devices, highlighting the growing threat posed by the proliferation of connected devices in industrial settings. Additionally, 30% of attacks were a result of compromised engineering workstations, indicating the need for enhanced security measures for these critical systems. Exploitation of publicly accessible applications accounted for 27% of attacks, underscoring the importance of securing all points of entry into OT networks.
As companies increasingly rely on interconnected systems to streamline operations and improve efficiency, the need for a comprehensive security strategy that encompasses both IT and OT environments has become more apparent. The convergence of traditional IT systems with industrial control systems has created new vulnerabilities that malicious actors are quick to exploit.
In order to effectively defend against cyberthreats, organizations must prioritize the protection of their operational technology and industrial control systems. This includes implementing robust security measures for engineering workstations, internet-connected devices, and publicly accessible applications. By taking a proactive approach to cybersecurity and adopting a cross-sector security strategy, companies can better safeguard their critical infrastructure and mitigate the risks associated with cyberattacks.
In conclusion, the study conducted by Opswat serves as a stark reminder of the evolving threat landscape facing organizations today. As cyberattacks become increasingly sophisticated and pervasive, it is imperative that companies take a proactive and comprehensive approach to cybersecurity. By investing in the security of both traditional IT systems and industrial control environments, organizations can better protect themselves against cyberthreats and minimize the potential impact of a security breach.