75% of the Industrial Sector Experienced a Ransomware Attack in the Past Year, Claroty Study Finds
As
The study shows that, when it comes to ransomware attacks, the impact on OT environments is catching up to the impact on IT environments. In Claroty's previous survey conducted in 2021, 32% of ransomware attacks impacted IT only, while 27% impacted both IT and OT. Today, 21% impact IT only, while 37% impact both IT and OT – a significant 10% jump for the latter in just two years. This trend speaks to the expanding attack surface area and risk of operational disruption that comes with IT/OT convergence.
On top of the growing operational impact of ransomware, the staggering financial impact persists. Of the 75% of respondents whose organizations were targeted by ransomware attacks in the past year, 69% paid the ransom, and more than half (54%) of those who paid the ransom suffered financial ramifications of
The pressure of combating increased threats as well as financial loss comes as new technologies are being integrated into OT environments. For example, 61% of respondents are currently utilizing security tools that leverage generative AI and an alarming 47% say that it raises their security concerns.
In light of these challenges brought on by combating ransomware and integrating new technology, governments have recognized the need for industry regulations and standards, which are now driving OT security priorities and investments. 45% of respondents say that TSA Security Directives have had the most significant impact on their organization's security priorities and investments, followed by CDM DEFEND (39%) and ISA/IEC-62443 (37%).
"Our study shows that there is clearly no shortage of challenges facing OT security professionals, but we also found tremendous room for opportunity and appetite to mature security posture across industrial environments," said
While implementing generative AI may be giving some pause, progress and advancements are being made to close gaps in processes and technology:
● Network Segmentation: 77% describe their approach to network segmentation as "moderate" or "mature," which is essential for restricting the lateral movement of cyberattacks through the network, including from IT to OT.
● Vulnerability & Risk Management: 78% described their approach to identifying vulnerabilities as "moderately" or "highly" proactive, a notable increase from 66% in 2021. However, the pace of vulnerability disclosures and patch releases are outpacing organizations' ability to address them; as a result, organizations are exploring a variety of risk scoring methods to help prioritize. The most popular methods are the Common Vulnerability Scoring System (CVSS), used by 52% of global respondents, followed by existing security solutions' risk scores (49%), the Exploit Prediction Scoring System (EPSS) (46%), and the Known Exploited Vulnerabilities (KEV) Catalog (45%).
● Future Initiatives: The top OT security initiatives that respondents plan to implement in the next year are risk assessment (selected by 43% of respondents), followed closely by asset, change, and/or lifecycle management (40%) and vulnerability management (39%).
To access the full set of findings and analysis, download "The Global State of Industrial Cybersecurity 2023: New Technologies, Persistent Threats, and Maturing Defenses" here.
Methodology
Claroty contracted with Pollfish to conduct a survey of 1,100 information technology (IT) and operational technology (OT) security professionals in
About Claroty
Claroty empowers organizations to secure cyber-physical systems across industrial, healthcare, commercial, and public sector environments: the Extended Internet of Things (XIoT). The company's unified platform integrates with customers' existing infrastructure to provide a full range of controls for visibility, risk and vulnerability management, threat detection, and secure remote access. Backed by the world's largest investment firms and industrial automation vendors, Claroty is deployed by hundreds of organizations at thousands of sites globally. The company is headquartered in
View original content to download multimedia:https://www.prnewswire.com/news-releases/75-of-the-industrial-sector-experienced-a-ransomware-attack-in-the-past-year-claroty-study-finds-302007202.html
SOURCE Claroty
Arthur J. Gallagher & Co. Completes Acquisition of The Evans Agency, LLC
Amynta Group to Acquire Sutton Special Risk
Advisor News
- Confidence is key to cold calling success
- Overcoming the indecision of prospects
- What issues top consumers’ list of financial goals for 2025?
- 3 issues investors must be aware of in 2025
- More Americans plan to focus on finances in 2025
More Advisor NewsAnnuity News
- Sapiens wins XCelent award for Customer Base and Support for UnderwritingPro for Life & Annuities
- SB 263 expected to bring chaos to Calif. insurance, annuity sales come Jan. 1
- Lincoln Financial hires industry veteran Tom Morelli as Vice President, Investment Distribution
- Structured settlements protect young injury victims | H. Dennis Beaver
- MetLife Inc. (NYSE: MET) Highlighted for Surprising Price Action
More Annuity NewsHealth/Employee Benefits News
- 5 of the most frustrating health insurer tactics and why they exist
- Editorial: Agenda setting
- Thousands of Alaskans face another major spike in their health care costs next year
- Filling jobs will be crucial for Connecticut economy in 2025
- Filling jobs will be crucial for state's economy in 2025
More Health/Employee Benefits NewsLife Insurance News
- Confidence is key to cold calling success
- Exemption Application under Investment Company Act (Form 40-APP/A)
- AM Best Assigns Credit Ratings to Min Xin Insurance Company Limited
- Proxy Statement (Form DEF 14A)
- Prudential Financial Completes Guaranteed Universal Life Reinsurance Transaction With Wilton Re and Completes Internal Captive Restructure
More Life Insurance News