Report: Employees Trigger Most Industrial Network Cybersecurity Incidents
Employee errors caused more than half of cybersecurity incidents affecting operational technology and industrial control system (OT/ICS) networks last year, a recent Kaspersky report said.
The vendor’s State of Industrial Cybersecurity 2019 study blamed the growing complexity of industrial infrastructures, a shortage of professionals who understand how to detect new threats, and a low awareness among existing employees for the operator errors. The study found that budget constraints are also a significant factor in why employee errors cause 52 percent of all ICS incidents, ranging from malware infections to targeted attacks.
Data from the study was gleaned from online surveys with 282 industrial companies and organizations and from 20 industry representatives attending trade fairs and forums. The majority of responses came from companies in Asia, Europe and the U.S.
Here are the report’s highlights:
Organizations’ top 3 concerns of ICS cybersecurity incident.
- Reputational damage (87%).
- Injury or death (84%).
- Environmental damage (63%).
- Digitalization of industrial networks and adoption of Industry 4.0 standards are a priority for many industrial companies.
- Four out of five organizations (81%) consider operational network digitalization to be an important or very important task for this year.
On industrial cybersecurity budgets.
- 87% of respondents prioritize OT/ICS cybersecurity.
- 57% have allocated budget for industrial cybersecurity.
- 62% plan to increase investment in OC/ITS cybersecurity.
On skilled staff.
- Organizations are not only experiencing a lack of cybersecurity experts with the right skills to manage protection for industrial networks, but also are worried that their OT/ICS network operators are not fully aware of the behavior that can cause cybersecurity breaches.
- In almost half of the companies (45%) surveyed, the employees responsible for IT infrastructure security also oversee the security of OT/ICS networks.
- Although operational and corporate networks are becoming increasingly connected, OT and ICS specialists can often have different approaches (37%) and goals (18%) when it comes to cybersecurity.
“This year’s study shows that companies are seeking to improve protection for industrial networks. However, this can only be achieved if they address the risks related to the lack of qualified staff and employee errors,” said Georgy Shebuldaev, brand manager for Kaspersky Industrial Cybersecurity. “Taking a comprehensive, multi-layered approach that combines technical protection with regular training of IT security specialists and industrial network operators will ensure networks remain protected from threats and skills stay up to date.”
What are companies doing?
Think cloud: Almost half of companies (41%) are ready to connect their OT/ICS network to the cloud using preventive maintenance or digital twins, the study found.
“The growing interconnection between IIoT edge devices and cloud services continues to stand as a security challenge,” said Dr. Jesus Molina, who chairs the IIC Security Working Group, part of the Industrial Internet Consortium tasked with developing a common security framework to assess security in Industrial Internet Systems. “It was a major driver for the creation of the IIC Industrial Internet of Things Security Framework as well as the subsequent best practices documents and recent IoT Security Maturity Model,” said Molina, who also serves as Waterfall Security Solutions director of business development.
In April, the Israel-based Waterfall, which provides industrial remote monitoring platforms, applications, databases and protocols, signed a global partnership with Dragos, an asset identification, threat detection and response platform and services, to protect critical industrial control systems from advanced cyber threats.