For the past several years, ARC Advisory Group has partnered with cybersecurity firm Kaspersky to create an annual survey on key trends in INCS cybersecurity. The 2020 report is definitely worth a read, as it shows the impact of COVID-19 on ICS cybersecurity organizations, spending, and technology trends that end users expect to see throughout the coming year. The 2020 survey had over 330 responses from industrial companies and organizations around the world. You can also read the 2017, 2018, and 2019 reports.
Over 45 percent of respondents answered that they believed that COVID-19 will result in a drastic change in OT level cybersecurity priorities in their organizations. Most of these changing priorities are driven by the exodus of workers from the office to home offices. Working from home means a different approach to cybersecurity and increases the threat surface to organizations. This is especially true for companies and employees focused on the OT level, where physical and often mission critical processes are controlled, creating the potential for damage to human health, safety, and the environment.
Cybersecurity Assessments of OT Level Networks
The survey shows that security scans of OT level networks have increased since 2019. The growing installed base of IoT devices at the OT level are a major reason for this. Forty-four percent of respondents indicated that they conduct OT level network security scans annually.
Digital Transformation Initiatives at the OT Level
The global pandemic has only accelerated digital transformation initiatives. More than 44 percent of global respondents indicated that they are preparing their organizations for OT level digital transformation initiatives.
Similar to previous years, respondents indicated that avoiding injury or death to employees was the primary challenge faced by OT level organizations in 2020. From the report:
This year, the effects after an attack and the resulting costs were especially important. In 2019 the situation was different. In that survey, the cost of incident response and loss of customer confidence were deemed to be rather unimportant (only 5%). It’s clear that a new perception is emerging. Due to the increasing sophistication of cyberattacks against industry assets6, the effects are more noticeable. In addition, operational units now regularly report7 to the board of directors so that the effects after a cyber-incident can be better analyzed.