IT professionals are concerned about operational technology (OT) security and attacks on critical infrastructure, with a number of people saying the responsibility lies with government, according to a new report.
Research released by Claroty, the industrial cybersecurity specialist, found that 74% of IT security professionals around the world are more concerned about attacks on critical infrastructure than an enterprise data breach.
When it comes to industries and direct threats, the research found that globally 45% of IT security professionals see electric power as the most vulnerable sector of critical infrastructure. This is followed by oil and gas (21%).
In Australia, respondents believe the following are most vulnerable: electric power, (45%) oil and gas (26%) chemical (17%) transportation (9%) and water (3%).
In addition, 43% would put hacking at the top of the list of threats to industrial networks that they are most concerned about, followed by ransomware (33%).
The survey also investigated how IT security professionals feel about responsibility when it comes to threats and attacks.
In fact, many feel government is more responsible than the private sector, with 100% of respondents from Germany believing it is the government's responsibility, followed by Australia (98%), the UK (91%), France (89%), and the US (87%).
However, some professionals are confident in the state of their security. The report shows that 62% of global respondents feel that industrial networks are properly safeguarded against cyber attacks and that 60% believe their country's critical infrastructure is adequately protected. The level of confidence varies country to country.
Respondents from Australia (93%) and Germany (96%) are much more confident in the overall safety of industrial networks versus respondents from the UK, US and France.
They are also more confident that their country's critical infrastructure is properly secured against cyber attacks, with 90% of respondents from Australia and 99% from Germany saying that they are adequately protected.
Claroty chief security officer Dave Weinstein says, “While IT and OT convergence unlocks business value in terms of operations efficiency, performance, and quality of services, it can now be detrimental because threats, both targeted and non-targeted, now have the freedom to manoeuvre from IT to OT environments and vice versa.
He says, “Our mission is to help security practitioners to bridge the gap between IT and OT cybersecurity, ensuring that all bases are protected from cyber attack.
"This is even more critical in this new normal of largely remote workforces, which create additional burden on Chief Information Security Officers to remotely secure their production environments.
Claroty offers solutions to secure OT assets and networks within industrial enterprises and crittical infrastructure. The Claroty Platform provides OT asset and network visibility, segmentation, vulnerability management, threat detection, risk assessment, and Secure Remote Access capabilities (SRA) within one solution.
The report is based on an independent survey of 1,000 full-time IT security professionals in the United States, United Kingdom, Germany, France, and Australia focused on the attitudes and concerns of IT security professionals related to OT security.