Global Industrial Cybersecurity Study Reveals Challenges and Priorities Amid Persistent Ransomware Threats

As information technology (IT) and operational technology (OT) converge and the attack surface for cybercriminals continues to expand, ransomware remains a concern for those tasked with defending cyber-physical systems (CPS). This concern is widespread and has been heightened due to the fact that the impact of these incidents are not just financial, and at times can cause operational disruptions to critical systems. These harmful incidents have also led to a rise in new technology, shaped recent industry regulations and standards, and have caused a rise in demand for cyber insurance. Industrial organizations have dealt with unprecedented challenges in recent years — and new data suggests that this trend has persisted into 2023. 

To better understand how industrial organizations are responding to persistent ransomware threats, adopting new technology, and meeting new regulatory standards as financial losses mount and cyber insurance premiums increase, Claroty commissioned an independent global survey of 1,100 IT and OT security professionals who work full time for enterprises that own, operate, or otherwise support components of critical infrastructure. The results are now available in our new report, The Global State of Industrial Cybersecurity 2023: New Technologies, Persistent Threats, and Maturing Defenses. Highlights include: 

Cybersecurity incidents are plaguing the industrial sector, with financial ramifications on the rise

• 75% of the industrial sector experienced a ransomware attack in the past year

• Of that 75% of respondents, 69% paid the ransom, and more than half (54%) of those who paid the ransom suffered financial ramifications of $100,000 USD or more

Industry regulations and standards are driving OT security priorities and investments 

• 45% of respondents say that TSA Security Directives have had the most significant impact on their organization’s security priorities and investments, followed by CDM DEFEND (39%) and ISA/IEC-62443 (37%)

New technologies are being integrated into OT environments, and are fueling concerns  

• 61% of respondents are currently utilizing security tools that leverage generative AI

• Alarming 47% of these respondents say that it raises their security concerns 

Demand for cyber insurance spikes as ransomware incidents continue to cause significant financial loss

• Survey trends have shown a large majority (80%) of organizations have opted for cyber insurance policies

• About half (49%) have opted for policies with coverage of half a million dollars or more

Encouragingly, organizations are working towards closing gaps in processes and technology

• Organizations are working to fill gaps within their OT security in the next year, reporting at 43% that risk assessment is their number one security initiative for 2024

• Vulnerability management efforts are maturing. Over three-fourths (78%) described their approach to identifying vulnerabilities as “moderately” or “highly” proactive

• While 77% describe their approach to network segmentation as “Moderate” or “Mature

Overall, the survey displayed that industrial organizations are increasingly prioritizing OT cybersecurity and compliance. However, due to the impact of attacks and emergence of new technologies, there are opportunities to further strengthen their security programs to ensure cyber and operational resilience. According to Yanvi Vardi, CEO of Claroty, “Our study shows that there is clearly no shortage of challenges facing OT security professionals, but we also found tremendous room for opportunity and appetite to mature security posture across industrial environments. Organizations are already working to bolster their risk assessment, vulnerability management and network segmentation practices, in order to be highly proactive in their defense of cyber-physical systems.” 

As the study reveals, industrial organizations are on the right track to securing their CPS environments by prioritizing risk management and focusing their OT security priorities and investments around adherence to industry standards and regulations. However, given the prevalence, variety, and impact of cyber attacks, there are opportunities for organizations to further strengthen their security programs. As generative AI solutions continue to advance, and new and more advanced threats emerge, organizations must adhere to cybersecurity best practices and partner with the right CPS security vendor to ensure that their unique environment is protected. 

To access the full set of findings and analysis, download the Global Industrial Cybersecurity Study 2023 here.