《ABI Research&派拓網絡:2024運營技術(OT)安全狀況:趨勢、風險和網絡彈性綜合指南(英文版)(26頁).pdf》由會員分享,可在線閱讀,更多相關《ABI Research&派拓網絡:2024運營技術(OT)安全狀況:趨勢、風險和網絡彈性綜合指南(英文版)(26頁).pdf(26頁珍藏版)》請在三個皮匠報告上搜索。
1、Michael M.Amiri,Senior Analyst Michela Menting,Senior Research Director THE STATE OF OT SECURITY:A COMPREHENSIVE GUIDE TO TRENDS,RISKS,&CYBER RESILIENCETHE STATE OF OT SECURITY:A COMPREHENSIVE GUIDE TO TRENDS,RISKS,&CYBER RESILIENCEEXECUTIVE SUMMARYIndustrial operations are increasingly under threat
2、.OT attacks are common,widespread,and extremely frequent.These attacks are primarily IT-borne,and ransomware,in particular,has had a devastating effect on industrial environments in the last few years.The business impacts have been immediate and major,forcing operational shut down,lost revenue,and s
3、ignificant remediation costs.This state of affairs has pushed cybersecurity to the top of the agenda for industrial operators.Spending on OT cybersecurity is expected to grow over the next two years,but implementation of the right solutions is no easy feat.There are a number of obstacles that indust
4、rial operators need to overcome,not least being the siloed operations of OT and IT teams and their resulting misalignment on cybersecurity decision-making and cooperation.However,convergence of the two is progressing,albeit slowly,and most industrial operators expect decision-making on cybersecurity
5、 to be cohesively centralized for both IT and OT.Beyond that,industrial operators will need to address increasing compliance requirements from upcoming regulations and standards in the field,as well as the risks posed by their adoption of new technologies and processes,including AI,remote access,clo
6、ud,5G,and robotics.All of these pose their own unique set of challenges.Nonetheless,they also offer new ways to implement cybersecurity technologies for OT environments.Ultimately,industrial operators are conscious of the need to adapt cybersecurity to the new demands of the day,and this is pushing
7、them in the direction of Zero Trust implementation.The key to successful deployment will be to choose the right provider,and not least,one with expertise in both OT and IT environments,able to serve up the best security for both worlds.TABLE OF CONTENTSExecutive Summary.2A Changing Era for Industria
8、l Operators.3OT and IT:Siloed but Moving toward Convergence.9Regulation as a Driving Security Force .11AI:A Double-Edged Sword for OT.13Emerging Technologies Can Amplify OT Security,but Challenges Persist.16Moving Forward with OT Security.19Top Five Lessons Learned by Industrial Operators.23MTHE STA
9、TE OF OT SECURITY:A COMPREHENSIVE GUIDE TO TRENDS,RISKS,&CYBER RESILIENCEA CHANGING ERA FOR INDUSTRIAL OPERATORSOperational Technology(OT)teams once felt fortified against cyberattacks in industrial operations,given their air-gapped systems,legacy assets,proprietary technologies,fragmented end marke
10、ts,etc.However,the narrative has greatly changed within the last several years;considering the many news headlines reporting on various OT attacks on industrial firms.Take the EKANS ransomware attack on Honda in 2020 as an example,forcing multiple factory shutdowns worldwide.Or look at the 2022 sate
11、llite-born attack disrupting the operations of 5,800 wind turbines in Germany.Other successful attacks include the Industroyer2 malware attack on electrical substa-tions used by Ukrainian energy companies and the notorious Colonial Pipeline shutdown in 2021.What these recent attacks tell us is that
12、the unabated expansion of cyberthreats has found ways to intrude into every corner of modern organizations,and industrial operations are no exception.To illustrate,3 out of 4 organizations state they have experienced a cyberattack on their OT environment,with most experiencing fre-quent attacks.This
13、 trend makes sense,given the acceleration of digital transformation happening in the industrial sector.While mali-cious actors have a wide range of motivations to target OT operations at industrial firms,a successful attack on these companies holds immense financial or political potential.Manufactur
14、ing plants cannot afford to be shut down for several days or even weeks;it would be a business disaster.Similarly,modern society cannot function if the railroads shut down or the electrical grid goes dark.The high-risk nature of industrial operations means that safeguarding an OT environment is esse
15、ntial not only for business continuity,but also for national security.It is worth noting that 7 out of 10 industrial OT attacks originate in Informational Technology(IT)environments,signaling an urgent need for OT and IT departments and technologies to start working more closely together.OT-IT conve
16、rgence will end existing silos and en-able organizations to purchase cybersecurity tools that address both departments simultaneously.This tight cooperation between the two will be important as industrial firms adopt new technologies that pose new risks to the network environment.Artificial Intellig
17、ence(AI),robotics,5G,the cloud,and remote access will accelerate the challenges that a holistic approach to cyber protection can mitigate.Understanding the threat landscape is the first step.Is this driven by adversaries in political conflict,or is there a growing opportunity for organized crime whe
18、re there was not one before?The answer is not so black and white.Threat actors engage for a variety of rea-sons,many of which can overlap:financial opportunities arise in targeting critical infrastructure because they are increasingly connected or because governments are turning a blind eye to targe
19、ts that were once off limits.The reasons are endless and complex.The second step is finding appropriate solutions to counter the threats and minimize the risks to OT.Industrial environments can differ significantly,presenting a highly fragmented ecosystem with different risk tolerance.Understanding
20、the target,as well as the threat landscape,goes a long way to building an effective defense.3 out of 4 organizations have experienced a cyberattack on their OT THE STATE OF OT SECURITY:A COMPREHENSIVE GUIDE TO TRENDS,RISKS,&CYBER RESILIENCETo obtain a better picture of the dangers and the risks to O
21、T environments today,Palo Alto Networks commissioned a global survey of 1,979 respondents across 16 different end markets with the goal of investigating the state of OT security and taking the pulse of C-suite management and practitioners in large industrial organizations.The survey questions addres
22、sed major topics,including risks to industrial operations and organizational approaches to protection and incidence response,as well as trends,preferences,and demands in terms of applicable solutions.The survey revealed some interesting findings across the board,but the biggest,loudest message was t
23、hat OT is a high-profile and lucra-tive target today for cyberthreat actors,and that industrial operators still have a lot of obstacles to overcome in terms of securing their OT environments appropriately.KEY FINDINGS Cyberattacks can shut down OT operations.Almost 70%of industrial organizations hav
24、e experienced a cyberattack in the past year,and 1 out of 4 experienced a shutdown of operations as a result.Cybercriminals are the most feared,more so than state-sponsored groups or hacktivists.Malware,ransomware,and insider attacks are the top 3 threats according to industrial operators.IT is the
25、main vector,with 72%of attacks targeting the OT originating there.Regulatory pressure on OT is growing;74%of executives believe it will increase in the next 2 years.5G security will become essential,as 70%of respondents believe 5G devices to be an OT threat vector.The move to the cloud will reinforc
26、e OT security,according to 80%of respondents.AI is a double-edged sword.74%say AI attacks against OT are a critical issue today,but 8 out of 10 also agree that AI will be key to stopping OT attacks.Friction between OT&IT is a challenge.40%say that their OT and IT teams are frictional,and only 12%say
27、 they are aligned.The importance of IT/OT platformization:7 out of 10 respondents are clear on their intention to consolidate IT&OT solutions from the same cybersecurity vendor.Increasing remote access is a major concern:3 out 4 agree that remote access is on the rise for both employees and third pa
28、rties.Zero Trust is the North Star:87%of industrial respondents believe that Zero Trust is the right approach to securing OT environments.OT is a high-profile and lucrative target today for cyberthreat THE STATE OF OT SECURITY:A COMPREHENSIVE GUIDE TO TRENDS,RISKS,&CYBER RESILIENCEOT ATTACKS COMMON,
29、WIDESPREAD,AND EXTREMELY FREQUENT!One of the most alarming findings revealed early on in the survey is that more than 76%of respondents stated that their organizations had experienced a cyberattack in their OT environment.This completely dispels the illusion that industrial operations are immune to
30、cyberthreats.Today,they are a real and common target,as evidenced by the high-profile attacks covered in the media in the last few years.These attacks are only the tip of the iceberg.Clearly,a vast majority of industrial operators are already feeling the heat of OT-targeted attacks.The top 3 most fe
31、ared attacks against OT were Malware,Ran-somware,and Insider Attacks.From Stuxnet to Lockbit,the threat landscape has evolved from bespoke OT malware targeted against a specific adversary,to IT-borne,highly popular ransomware in-discriminately leveraged at industrial organizations.Extortion and orga
32、nized crime have replaced state-sponsored war games as the biggest threat to industrial operators.Ransomware is particularly prominent today,with syndicates such as DarkSide,BlackCat,and Ryuk having successfully breached the IT-OT gap to target OT environments,with a high success rate in utilities a
33、nd the energy sector.With high payouts(US$4.4 million for Colonial Pipeline),ransomware attacks are a lucrative opportunity for cybercrime.As a result,cyberattacks in the OT environment have become a recurring problem.An overwhelming 75%of respondents reported frequent attacks,often monthly,but also
34、 weekly and daily.This reveals the existence of a dynamic cybercrime ecosystem,one that is clearly well engaged in targeting the OT environment.6 1.1 OT Attacks Common,Widespread,and Extremely Frequent!1.2 One of the most alarming findings revealed early on in the survey is that over 76%of responden
35、ts stated that their organizations had experienced a cyberattack in their OT environment.This completely dispels the illusion that industrial operations are immune to cyberthreats.Today,they are a real and common target,as evidenced by the high-profile attacks covered in the media in the last few ye
36、ars.These attacks are only the tip of the iceberg.Clearly,a vast majority of industrial operators are already feeling the heat of OT-targeted attacks.23%76%Has your organization ever experienced a cyberattack(s)in your OT environment?YESNO7 The top 3 most feared attacks against OT were Malware,Ranso
37、mware,and Insider Attacks.From Stuxnet to Lockbit,the threat landscape has evolved from bespoke OT malware targeted against a specific adversary,to IT-borne,highly popular ransomware indiscriminately leveraged at industrial organizations.Extortion and organized crime have replaced state-sponsored wa
38、r games as the biggest threat to industrial operators.Ransomware is particularly prominent today,with syndicates such as DarkSide,BlackCat,and Ryuk having successfully breached the IT-OT gap to target OT environments,with a high success rate in utilities and the energy sector.With high payouts(US$4.
39、4 million for Colonial Pipeline),ransomware attacks are a lucrative opportunity for cybercrime.As a result,cyberattacks in the OT environment have become a recurring problem.An overwhelming 75%of respondents reported frequent attacks,often monthly,but also weekly and daily.This reveals the existence
40、 of a dynamic cybercrime ecosystem,one that is clearly well engaged in targeting the OT environment.Supply chain attacks are an increasingly problematic threat,used successfully to target a greater number of organizations.With industrial operators using more commercial off the shelf solutions in the
41、ir OT,the blast radius can be significant and highly damaging.05001000150020002500DoSAPT presencePhishingInsider attackRansomwareMalwareWhat types of OT cyberattacks do you fear the most?THE STATE OF OT SECURITY:A COMPREHENSIVE GUIDE TO TRENDS,RISKS,&CYBER RESILIENCESupply chain attacks are an incre
42、asingly problematic threat,used successfully to target a greater number of organizations.With industrial operators using more commercial off-the-shelf solutions in their OT,the blast radius can be significant and highly damaging.Insights from Industrial Operators “Evaluate and validate supply chain
43、vendors.”8 How frequently do you typically experience attacks(or incidents)in your OT environment?Insights from Industrial Operators “Evaluate and validate supply chain vendors”1.3 IT Is the Most Popular Attack Entry Point 26%39%19%8%4%2%IT IS THE MOST POPULAR ATTACK ENTRY POINTThe success of ransom
44、ware is reflected in the survey responses,revealing that the primary point of origin for these attacks was in IT.This is confirmed by high-profile media coverage of ransomware,and the fact that it originated in the IT environment.Clearly,ransomware attacks have overcome obstacles related to the perc
45、eived isolation of OT environments.Unfortunately,this success means that run-of-the-mill cyberthreat tools and attacks can realistically be leveraged to target OT and open the door to all kinds of malicious opportunists,keen to take advantage of an ostensibly vulnerable OT landscape.9 The success of
46、 ransomware is reflected in the survey responses,revealing that the primary point of origin for these attacks was in IT.This is confirmed by high-profile media coverage of ransomware,and the fact that it originated in the IT environment.Clearly,ransomware attacks have overcome obstacles related to t
47、he perceived isolation of OT environments.Unfortunately,this success means that run-of-the-mill cyberthreat tools and attacks can realistically be leveraged to target OT and open the door to all kinds of malicious opportunists,keen to take advantage of an ostensibly vulnerable OT landscape.1.4 Busin
48、ess Impacts Are Clear,Immediate,and Major 28%72%Where did the attack originate?ITOTTHE STATE OF OT SECURITY:A COMPREHENSIVE GUIDE TO TRENDS,RISKS,&CYBER RESILIENCEBUSINESS IMPACTS ARE CLEAR,IMMEDIATE,AND MAJORThere is no doubt that a high success rate will translate into in-creased momentum and grea
49、ter attractiveness of the OT environ-ment for threat actors,particularly for organized crime.Unfortunately,these attacks have had a significant and immediate business impact,with at least a quarter of respondents stating that they have had to shut down industrial operations in the last year due to a
50、 successful attack,whether as a preemptive measure or due to actual disruption.Shutdowns mean lost revenue opportunities,as well as damage control and event remediation costs,which can in-clude additional security technologies and services,communications with customers and suppliers,law enforcement,
51、and public relations.Longer-term costs can include reputational damage,regulatory pen-alties,higher insurance premiums,and supplier and customer costs due to late or non-deliveries,among others.24%76%In the last year,have you had to shut down your OT operations due to a successful cyberattack?NOYESI
52、nsights from Industrial Operators “Improve incident response skills through periodic drills and simulations.”“Test and update incident response playbooks on a regular basis.”CYBERSECURITY INVESTMENT A BIG PRIORITYThis dangerous state of affairs is driving industrial operators to increasingly focus o
53、n security for their OT environments.Protecting their OT environments is a high priority for almost two-thirds of the respondents,and not likely to be over-looked.Investing in OT cybersecurity is financially feasible,as the estimated average cost of a single breach remediation for a connected asset(
54、OT/Internet of Things(IoT)is between US$10,000 and US$50,000.There is little doubt that cybersecurity initiatives are key to minimizing the cyber risks posed by threat actors,and achiev-ing positive protection mechanisms requires making these initiatives a priority.This includes OT security evaluati
55、ons;the better prepared an operator is,the faster they can remediate an event,and the lower the total cost of the fallout.Spending on OT cybersecurity will continue to be a priority.It is expected to grow over the next two years,according to over half of all respondents.Very fewless than 5%,in facte
56、xpect spending to THE STATE OF OT SECURITY:A COMPREHENSIVE GUIDE TO TRENDS,RISKS,&CYBER RESILIENCEThere is a clear correlation between the current threat landscape,which is focused and regularly engaged in attacks against OT assets,and the prioritization of cybersecurity strategies and investments b
57、y industrial operators to counter these.However,the success of these strategies is contingent on comprehensive and coordinated internal deployment,which is no easy feat.11 1.5 Cybersecurity Investment a Big Priority This dangerous state of affairs is driving industrial operators to increasingly focu
58、s on security for their OT environments.Protecting their OT environments is a high priority for almost two-thirds of the respondents,and not likely to be overlooked.Investing in OT cybersecurity is financially feasible,as the estimated average cost of a single breach remediation for a connected asse
59、t(OT/Internet of Things(IoT)is between US$10,000 and US$50,000.There is little doubt that cybersecurity initiatives are key to minimizing the cyber risks posed by threat actors,and achieving positive protection mechanisms requires making these initiatives a priority.This includes OT security evaluat
60、ions;the better prepared an operator is,the faster they can remediate an event,and the lower the total cost of the fallout.25%39%29%6%1%0%10%20%30%40%50%Top Priority:Among our top initiatives for this year withappropriate resourcingImportant:An important initiative which is often prioritized overoth
61、er activitiesAverage importance:One of many important activitiescompeting for resourcesOpportunistic:An important initiative,but often receives fewerresources than other initiativesNot a Priority:Not an important focus for this yearTo what extent are cybersecurity initiatives to protect your OT envi
62、ronments a priority?12 Spending on OT cybersecurity will continue to be a priority.It is expected to grow over the next 2 years according to over half of all respondents.Very fewless than 5%,in factexpect spending to shrink.There is a clear correlation between the current threat landscape,which is f
63、ocused and regularly engaged in attacks against OT assets,and the prioritization of cybersecurity strategies and investments by industrial operators to counter these.However,the success of these strategies is contingent on comprehensive and coordinated internal deployment,which is no easy feat.2.OT
64、and IT:Siloed but Moving toward Convergence 1%5%40%37%17%0%5%10%15%20%25%30%35%40%45%Shrink dramatically(fall byover 20 percent)Shrink moderately(fall byunder 20 percent)No changeGrow moderately(rise butby under 20 percent)Grow dramatically(rise bymore than 20 percent)How do you expect your companys
65、 spending on OT cybersecurity to change over the next 2 years?THE STATE OF OT SECURITY:A COMPREHENSIVE GUIDE TO TRENDS,RISKS,&CYBER RESILIENCEOT AND IT:SILOED BUT MOVING TOWARD CONVERGENCEIndustrial operators have clearly understood that cybersecurity is a requirement for OT environments.Because a l
66、arge major-ity of the attacks originate in IT,OT and IT teams must work together to address the threats.However,the survey reveals that there are obstacles to achieving a coordinated response between the two,especially concerning security investment.MISMATCHED DECISION-MAKING BETWEEN OT AND ITWhen q
67、ueried about the responsibility for OT cybersecurity purchase decisions,the respondents answers were highly varied.Only 40%of respondents stated that these decisions were shared between the two teams.In most cases,the decision was the prerogative of only one team,but while these were siloed,almost h
68、alf stated that they had influence in the process.This discrepancy is due to the historical roles of both teams:IT has traditionally been in charge of security company-wide,while OT has not had much call to focus on that until recently,focusing instead on industrial operations.And yet,it is clear th
69、at industrial operators understand the need to share some of that decision-making process for security investment.14 Today who makes the purchase decisions for OT cybersecurity for your company and do you expect the decision making to evolve over the next 2 years?7%7%18%40%28%THE STATE OF OT SECURIT
70、Y:A COMPREHENSIVE GUIDE TO TRENDS,RISKS,&CYBER RESILIENCEWhen asked how they expected decisions to be made in two years,almost two-thirds said they would likely be centralized,while another third expected an even split between being localized and alternatively centralized.This shows that while conve
71、r-gence is clearly expected going forward,it will not be a fast process,and the process is still a fledgling one.Coordinating that decision-making process in terms of security requires communication between the two teams:IT on the ap-propriate solutions to counter threats,and OT on the specific limi
72、tations and constraints of OT assets.IT AND OT COLLABORATION NEEDS TO BE BETTERIn large part,this slow convergence is due to the difficulty that the two teams have in establishing an effective dialogue that can result in successful cooperation.When asked to describe the relationship between OT and I
73、T in their cybersecurity efforts,57%stated that it was either completely siloed or frictional.In other words,they indicated that the two groups rarely connected,and when they did,they were not aligned in their views and struggled to make decisions.Ultimately,this difficulty in coordination is a sign
74、ificant obstacle that can impede the successful deployment and operation of OT cybersecurity.A piecemeal approach to cybersecurity will help neither IT nor OT,regardless of the caliber of solutions invested in,resulting in the continued exposure of vulnerable OT assets.While internal cooperation is
75、key to creating a coordinated security response,there are external driving forces that will support this eventual convergence,both from a regulatory and an emerging technology perspective,driving internal dialogue.15 And yet,it is clear that industrial operators understand the need to share some of
76、that decision-making process for security investment.22%37%29%11%1%0%10%20%30%40%Completely CentralizedMostly CentralizedEvenly between centralized/local subsidariesMostly localized at individual subsidiaries in local countries.Completely localized at the local facility levelIn Two Years-How are dec
77、isions made today regarding OT security purchases and how do you expect this process change over the next 2 years?THE STATE OF OT SECURITY:A COMPREHENSIVE GUIDE TO TRENDS,RISKS,&CYBER RESILIENCEInsights from Industrial Operators “Boost cooperation between the OT and IT departments.”“Bridge the knowl
78、edge gap through joint training,incident response exercises and shared responsibility.”REGULATION AS A DRIVING SECURITY FORCE Regulation can be a powerful catalyst for driving security investments.It forces organizations to conduct risk assessments,de-velop cybersecurity strategies,and raise awarene
79、ss of the potential risks associated with disregard,or noncompliance,of these legislative mandates.The protection of critical infrastructure is a fundamental prerogative of any nation,and this extends to its OT environments.An increasing number of regulatory instruments are already in force to prote
80、ct OT in critical infrastructure.But,the fairly new surge in attacks against OT is driving a renewed regulatory focus by governments,extending beyond critical infrastructure.REGULATORY PRESSURE FOR OT SECURITY ON THE RISEAn important driver identified by 77%of respondents was the expected increase o
81、f regulatory pressure over the next two years to protect OT environments,especially within critical infrastructure,and this was consistent across all countries surveyed.16 2.2 IT and OT Collaboration Needs to Be Better In large part,this slow convergence is due to the difficulty that the two teams h
82、ave in establishing an effective dialogue that can result in successful cooperation.When asked to describe the relationship between OT and IT in their cybersecurity efforts,57%stated that it was either completely siloed or frictional.In other words,they indicated that the two groups rarely connected
83、,and when they did,they were not aligned in their views and struggled to make decisions.Ultimately,this difficulty in coordination is a significant obstacle that can impede the successful deployment and operation of OT cybersecurity.A piecemeal approach to cybersecurity will help neither IT nor OT,r
84、egardless of the caliber of solutions invested in,resulting in the continued exposure of vulnerable OT assets.While internal cooperation is key to creating a coordinated security response,there are external driving forces that will support this eventual convergence,both from a regulatory and an emer
85、ging technology perspective,driving internal dialogue.Insights from Industrial Operators “Boost cooperation between the OT and IT departments”“Bridge the knowledge gap through joint training,incident response exercises and shared responsibility”18%39%31%12%0%10%20%30%40%50%Siloed-these groups rarely
86、 connect on cybersecurity issues.Frictional-these groups often connect but do not have aligned views andstruggle to make decisions.Constructive-these groups often connect and do not have aligned views,but have good methods of aligning views and making decisions.Coordinated-these groups often connect
87、 and tend to have aligned views.Which of the following best describes the current relationship between OT and IT when it comes to cybersecurity?THE STATE OF OT SECURITY:A COMPREHENSIVE GUIDE TO TRENDS,RISKS,&CYBER RESILIENCEIn Europe,the NIS2 Directive came into force in 2023,expanding the scope of
88、the cybersecurity rules to new sectors and entities be-yond critical infrastructure.In the United States,the Transportation Security Administration(TSA)updated its Security Directive Pipeline the same year(2021-02D),which was initially put together after the Colonial Pipeline attack in 2021 and focu
89、sed on protecting critical pipelines and Liquefied Natural Gas(LNG)facilities.As ransomware and other cyberthreats continue to target OT en-vironments,and notably in critical infrastructure,governments will intensify regulatory requirements for operators,in a bid to minimize the risks of attacks.Thi
90、s will undoubtedly impact industrial operations;80%of respon-dents expected regulation to significantly affect the time spent on compliance processes.Regulatory compliance is a relatively rigid and formal process,with set requirements that need to be met,and then assessed and certi-fied(often by a t
91、hird party).These can be costly and time-consum-ing in their own right.This increased pressure will inevitably result in demand for cyber-security solutions that are pre-certified and compliance-ready,in a bid to simplify at least part of the security process.Regulatory liability will keep industria
92、l operators focused on meeting their obligations,and this is reflected in the survey.Two-thirds of respondents stated that there would be pressure from the Board of Directors level to improve OT cybersecurity over the next two years.22%76%Regulatory pressure to improve OT cybersecurity will increase
93、 in the next two years.Disagree Agree Neither Agree or Disagree Agree80%Disagree 2%Neither agree or disagree 18%Over the next 2 years,I expect that my organization will spend too much time complying with OT cybersecurity-related regulatory THE STATE OF OT SECURITY:A COMPREHENSIVE GUIDE TO TRENDS,RIS
94、KS,&CYBER RESILIENCEWhile increased attention to security is generally a good thing,poor implementation or too rigid a framework can mean less flexibility in terms of response from industrial operators.With pressure from up-per management,external compliance requirements,an aggressive threat ecosyst
95、em,and the quest for better OT-IT coordination,opera-tors have a lot on their plate.The onus is on industrial operators to look for effective technology solutions in the cybersecurity space that can help alleviate these concerns.Many are turning to emerging technologies to help them overcome these o
96、bstacles.Insights from Industrial Operators “Examine current OT cybersecurity policy and ensure align-ment with industry standards and regulations.”Agree66%Disagree 3%Neither agree or disagree 31%Pressure from the Board of Director level to improve OT cybersecurity will increase over the next 2 year
97、s.19 Two-thirds of respondents stated that there would be pressure from the Board of Directors level to improve OT cybersecurity over the next 2 years.While increased attention to security is generally a good thing,poor implementation or too rigid a framework can mean less flexibility in terms of re
98、sponse from industrial operators.With pressure from upper management,from external compliance requirements,from an aggressive threat ecosystem,and the quest for better OT-IT coordination,operators have a lot on their plate.The onus is on industrial operators to look for effective technology solution
99、s in the cybersecurity space that can help alleviate these concerns.Many are turning to emerging technologies to help them overcome these obstacles.Insights from Industrial Operators “Examine current OT cybersecurity policy and ensure alignment with industry standards and regulations”4 AI:A Double-E
100、dged Sword for OT 4.1 AI Part of Attacks,but Key to Protection AI has already caught the attention of industrial operators,but the judgment on its value is split between fear of AI-enabled attacks and demand for AI-enabled protection.74%of respondents identified AI-enabled attacks on OT infrastructu
101、re as a critical issue.There is little doubt that AI presents an opportunity for malicious actors.Threat actors can better find targets,more accurately manipulate and take advantage of users and systems,and automate complex and targeted attacks.Machine translation,speech synthesis,and generative AI
102、can all be used to minimize the amount of customization and manual supervision needed to carry out successful cyberattacks.There are already instances of ChatGPT being used to create malware.74%74%25%Disagree Agree Neither Agree or Disagree AI-enabled attacks on our OT-infrastructure are a critical
103、issue today.AI:A DOUBLE-EDGED SWORD FOR OTAI PART OF ATTACKS,BUT KEY TO PROTECTIONAI has already caught the attention of industrial operators,but the judgment on its value is split between fear of AI-enabled attacks and demand for AI-enabled protection.74%of respondents identified AI-enabled attacks
104、 on OT infra-structure as a critical issue.There is little doubt that AI presents an opportunity for malicious actors.Threat actors are better at finding targets,accurately manipulating and taking advantage of users and systems,and automating complex and targeted attacks.Machine translation,speech s
105、ynthesis,and generative AI can all be used to minimize the amount of customization and manual supervision needed to carry out successful cyberattacks.There are already instances of ChatGPT being used to create malware.24 AI is not the only new technology making way into OT environments.Operators are
106、 getting ready to implement 5G,robotics,cloud,and increased remote access,each presenting its own set of challenges.Respondents are in little doubt that remote access to OT,whether by internal employees or third-party contractors,is on the rise,with 74%in agreement that remote access will increase.T
107、he increased adoption of remote access can offer many benefits,including improved monitoring capabilities,better response times in case of adverse events,and cost-savings in terms of human resources and travel.(Lessons Learned-remote access management security controls on a regular basis is importan
108、t/evaluate and strengthen guidelines and tools for secure remote access)Remote access requires connectivity and access enablement platforms,many of which are offered as services tied to cloud-based architectures for better OT asset management.This aligns with the belief that the cloud will be a crit
109、ical technology for OT in the next 3 to 5 years,according to 80%of the respondents.The concern here is to ensure the security of that access,regardless of origin,especially as the risk of man-in-the-middle attacks is high in such scenarios.(Lessons Learned:ensure the safe adoption of cloud services/
110、Evaluate and improve cloud-based security solutions)22%74%5%Remote Access of internal employees and 3rd parties into OT will continue to increase.Neither Agree nor DisagreeAgreeDTHE STATE OF OT SECURITY:A COMPREHENSIVE GUIDE TO TRENDS,RISKS,&CYBER RESILIENCEWhile AI can be used maliciously,it can al
111、so serve to enhance cyber-security;80%of respondents stated that AI-enabled security solutions would be critical for stopping attacks directed at their OT environments.Today,many cybersecurity solutions in IT already leverage Machine Learning(ML),heuristics,and AI in various forms,from automatic pat
112、ching and malware classification to threat detection and incident response.This will(and must)expand to OT cybersecurity,especially because so many of the attacks originate from IT,as seen previously.AI is clearly perceived as both a threat and a requirement for OT cybersecurity,which means that the
113、re are still a lot of discrep-ancies between the perceived and actual value of AI in industrial environments.AI AS A FORCE MULTIPLIER FOR THREAT ACTORSThe dual role of AI tools is undoubtedly divisive in modern societ-ies.The advances in generative AI in the last year have not only been lauded by pu
114、ndits,but also denounced by doomsayers.This is reflected in the respondents perceptions on whether AI is more beneficial to operators or to attackers.Just over half believe that AI will help hackers more than security teams in OT environments.The role of AI as a digital tool for security is undisput
115、ed among respondents.However,opinions regarding whether AI serves an advantage or disadvantage seem evenly divided among survey re-spondents.Despite the ambiguity,the cybersecurity industry holds an advantage in combatting the malicious use of AI.Cybersecurity is a discipline that exists in an adver
116、sarial environment,and adver-sarial manipulation of AI and the use of malicious AI are expected responses(the fight against SPAM is probably one of the oldest examples of adversarial manipulation in ML).20 While AI can be used maliciously,it can also serve to enhance cybersecurity;80%of respondents
117、stated that AI-enabled security solutions would be critical for stopping attacks directed at their OT environments.Today,many cybersecurity solutions in IT already leverage Machine Learning(ML),heuristics,and AI in various forms,from automatic patching and malware classification to threat detection
118、and incident response.This will(and must)expand to OT cybersecurity,especially because so many of the attacks originate from IT,as seen previously.AI is clearly perceived as both a threat and a requirement for OT cybersecurity,which means that there are still a lot of discrepancies between the perce
119、ived and actual value of AI in industrial environments.AI-enabled security solutions will be critical for detecting and stopping attacks on our OT-infrastructure.79%20%Disagree Agree Neither Agree or Disagree 21 4.2 AI as a Force Multiplier for Threat Actors The dual role of AI tools is undoubtedly
120、divisive in modern societies.The advances in generative AI in the last year have not only been lauded by pundits,but also been denounced by doomsayers.This is reflected in the respondents perceptions on whether AI is more beneficial to operators or to attackers.Just over half believe that AI will he
121、lp hackers more than security teams in OT environments.The role of AI as a digital tool for security is undisputed among respondents.However,opinions regarding whether AI serves an advantage or disadvantage seems evenly divided among survey respondents.Despite the ambiguity,the cybersecurity industr
122、y holds an advantage in combatting the malicious use of AI.Cybersecurity is a discipline that exists in an adversarial environment,and adversarial manipulation of AI and the use of malicious AI are expected responses(the fight against SPAM is probably one of the oldest examples of adversarial manipu
123、lation in ML).35%55%10%AI will help hackers more than it will help security teams in OT environments.Neither Agree nor DisagreeAgreeDisagree24 AI is not the only new technology making way into OT environments.Operators are getting ready to implement 5G,robotics,cloud,and increased remote access,each
124、 presenting its own set of challenges.Respondents are in little doubt that remote access to OT,whether by internal employees or third-party contractors,is on the rise,with 74%in agreement that remote access will increase.The increased adoption of remote access can offer many benefits,including impro
125、ved monitoring capabilities,better response times in case of adverse events,and cost-savings in terms of human resources and travel.(Lessons Learned-remote access management security controls on a regular basis is important/evaluate and strengthen guidelines and tools for secure remote access)Remote
126、 access requires connectivity and access enablement platforms,many of which are offered as services tied to cloud-based architectures for better OT asset management.This aligns with the belief that the cloud will be a critical technology for OT in the next 3 to 5 years,according to 80%of the respond
127、ents.The concern here is to ensure the security of that access,regardless of origin,especially as the risk of man-in-the-middle attacks is high in such scenarios.(Lessons Learned:ensure the safe adoption of cloud services/Evaluate and improve cloud-based security solutions)22%74%5%Remote Access of i
128、nternal employees and 3rd parties into OT will continue to increase.Neither Agree nor DisagreeAgreeDTHE STATE OF OT SECURITY:A COMPREHENSIVE GUIDE TO TRENDS,RISKS,&CYBER RESILIENCEThe use of AI as a security tool is also viewed as a cost-saving mea-sure,with almost half of all respondents believing
129、that it will reduce the number of security professionals hired.Rather than viewing it as complementary,AI is perceived as being a replacement for a security analyst.This belief may impede adoption of AI in OT security because OT environments require a specific skill set and knowledge that are not of
130、ten informed by IT tools.OT engi-neers and analysts already have difficulties coordinating with IT;this may become marginally harder if they need to start negotiating with AI-based tools,especially in the fragmented industrial ecosystem.Despite this,the belief may be enough to impede AI investment i
131、n OT security.AI CAN ALSO BE A SECURITY TOOL FOR STRONGER AND BETTER PROTECTIONRegardless of its perceived role as an opportunistic tool for threat ac-tors or a replacement for security professionals,AI is clearly considered an important technology,with half of the respondents stating that its use i
132、n OT cybersecurity will help solve the security skills gap problem.AI is successfully used in many cybersecurity solutions:from antivirus,intrusion detection and prevention,and user entity behavior analytics to authentication,data retrieval and analysis,threat hunting and threat intelligence,System-
133、on-Chip(SoC)operational performance,etc.While there is recognition that AI is being leveraged maliciously,there is also belief,and expectation,that it can enhance security in OT environments.The divergence of answers is almost evenly split in most cases,pointing to a lack of understanding around the
134、 perceived disadvantages and the potential benefits that AI can bring as value-added technology,including within OT.22 The use of AI as a security tool is also viewed as a cost-saving measure,with almost half of all respondents believing that it will reduce the number of security professionals hired
135、.Rather than viewing it as complementary,AI is perceived as being a replacement for a security analyst.This belief may impede adoption of AI in OT security because OT environments require a specific skill set and knowledge that are not often informed by IT tools.OT engineers and analysts already hav
136、e difficulties coordinating with IT;this may become marginally harder if they need to start negotiating with AI-based tools,especially in the fragmented industrial ecosystem.Regardless of the reality,this belief may be enough to impede AI investment in OT security.4.3 AI Can Also Be a Security Tool
137、for Stronger and Better Protection Regardless of its perceived role as an opportunistic tool for threat actors or a replacement for security professionals,AI is clearly considered an important technology,with half of the respondents stating that its use in OT cybersecurity will help solve the securi
138、ty skills gap problem.32%47%21%The use of AI in OT security solutions will reduce the number of security professionals my company needs to hire.Neither Agree nor DisagreeAgreeDisagreeAgree51%Disagree,13%Neither agree or disagree 36%The use of AI in OT security solutions will help solve our security
139、skills gap problem.Insights from Industrial Operators “Make security measures more effective by utilizing AI threat intelligence.”“Explore the use of AI driven security analytics.”THE STATE OF OT SECURITY:A COMPREHENSIVE GUIDE TO TRENDS,RISKS,&CYBER RESILIENCEEMERGING TECHNOLOGIES CAN AMPLIFY OT SEC
140、URITY,BUT CHALLENGES PERSISTAI is not the only new technology making way into OT environments.Operators are getting ready to implement 5G,robotics,cloud,and increased remote access,each presenting its own set of challenges.Respondents are in little doubt that remote access to OT,whether by internal
141、employees or third-party contractors,is on the rise,with 74%in agreement that remote access will increase.The increased adoption of remote access can offer many benefits,including improved monitoring capabilities,better response times in case of adverse events,and cost savings in terms of human reso
142、urces and travel.Lessons Learned:Remote access management security controls on a regular basis are important.Evaluate and strengthen guidelines and tools for secure remote access.Remote access requires connectivity and access enablement platforms,many of which are offered as services tied to cloud-b
143、ased architectures for better OT asset management.This aligns with the belief that the cloud will be a critical tech-nology for OT in the next 3 to 5 years,according to 80%of the respondents.The concern here is to ensure the security of that access,regardless of origin,especially as the risk of man-
144、in-the-middle attacks is high in such scenarios.Lessons Learned:Ensure the safe adoption of cloud services.Evaluate and improve cloud-based security solutions.24 AI is not the only new technology making way into OT environments.Operators are getting ready to implement 5G,robotics,cloud,and increased
145、 remote access,each presenting its own set of challenges.Respondents are in little doubt that remote access to OT,whether by internal employees or third-party contractors,is on the rise,with 74%in agreement that remote access will increase.The increased adoption of remote access can offer many benef
146、its,including improved monitoring capabilities,better response times in case of adverse events,and cost-savings in terms of human resources and travel.(Lessons Learned-remote access management security controls on a regular basis is important/evaluate and strengthen guidelines and tools for secure r
147、emote access)Remote access requires connectivity and access enablement platforms,many of which are offered as services tied to cloud-based architectures for better OT asset management.This aligns with the belief that the cloud will be a critical technology for OT in the next 3 to 5 years,according t
148、o 80%of the respondents.The concern here is to ensure the security of that access,regardless of origin,especially as the risk of man-in-the-middle attacks is high in such scenarios.(Lessons Learned:ensure the safe adoption of cloud services/Evaluate and improve cloud-based security solutions)22%74%5
149、%Remote Access of internal employees and 3rd parties into OT will continue to increase.Neither Agree nor DisagreeAgreeDisagree16%80%4%Cloud-based architecture will be critical for OT in the next 3-5 THE STATE OF OT SECURITY:A COMPREHENSIVE GUIDE TO TRENDS,RISKS,&CYBER RESILIENCERespondents are also
150、concerned with the potential dangers posed by using robotics in OT,with a third stating that increased use will lead to cyberattacks that can cause physical harm or death.This is not an insignificant data point,revealing the perceived physical threat that can be posed by the digital world,regardless
151、 of whether this could actualize.Certainly,human error has accounted for physical incidents on countless occasions in industrial environments,and the fear that adding a digital element could lead to purposeful manipulation is not a far leap.The fear is rooted in the fact that cyber physical systems,
152、industrial robotic platforms,and autonomous systems can be subject to tampering,jamming,Distributed Denial of Service(DDoS),ransomware,or any other number of cyberthreats that could dangerously impact their operation.25 Respondents are also concerned with the potential dangers posed by using robotic
153、s in OT,with a third stating that increased use will lead to cyberattacks that can cause physical harm or death.This is not an insignificant data point,revealing the perceived physical threat that can be posed by the digital world,regardless of whether this could actualize.Certainly,human error has
154、accounted for physical incidents on timeless occasions in industrial environments,and the fear that adding a digital element could lead to purposeful manipulation is not a far leap.The fear is rooted in the fact that cyber physical systems,industrial robotic platforms and autonomous systems can be s
155、ubject to tampering,jamming,Distributed Denial of Service(DDoS),ransomware,or any other number of cyberthreats that could dangerously impact their operation.Increased use of robotics in OT environments will lead to cyberattacks that cause physical harm or death.Neither Agree or Disagree Agree Disagr
156、ee 35%41%24%The use of robotics will require some form of connectivity for access.This will likely be served as much through Internet Protocol(IP)connectivity as through cellular,and notably 5G.Among the respondents,67%identified 5G technology investment happening for their OT environment.In paralle
157、l,70%also recognized that 5G-connected devices are increasingly important OT threat vectors.24 AI is not the only new technology making way into OT environments.Operators are getting ready to implement 5G,robotics,cloud,and increased remote access,each presenting its own set of challenges.22%74%5%Re
158、mote Access of internal employees and 3rd parties into OT will continue to increase.Neither Agree nor DisagreeAgreeDisagree16%80%4%Cloud-based architecture will be critical for OT in the next 3-5 THE STATE OF OT SECURITY:A COMPREHENSIVE GUIDE TO TRENDS,RISKS,&CYBER RESILIENCEIt is important to highl
159、ight that 5G brings new dimensions to OT environments that did not exist before.Firstly,5G signifi-cantly expands the connectivity of OT assets(and notably the Industrial IoT(IIoT),but also offers dangerous potential for DDoS and other attacks.Numerous exploits against IIoT are published each year b
160、y security researchers at conferences such as Black Hat and DEFCON,but numerous malware variants are also out there in the wild.5G connectivity is likely to accelerate targeted attacks,as Industrial Control System(ICS)assets become visible to the world.The second dimension is the software-defined fo
161、cus of 5G,which will allow the migration of existing IT-based threats to the 5G core itself and the extended network.Emerging and connected technologies are undoubtedly set to play an important role in OT environments,which is recognized by the large majority of respondents,irrespective of region an
162、d end market.Beyond that,there is clear apprehension as to the risks these will usher in,and a lack of deeper understanding is likely to preoccupy more than appease industrial operators.Regardless,the advent of new technologies is set to permeate OT,and operators need to ready themselves for the ine
163、vitable change that these will bring.In many cases,they are already negotiating how such technologies will be rolled out and managed securely.Insights from Industrial Operators “Review and upgrade network design on a regular basis.”“Hold frequent meetings to evaluate security policies.”27 It is impo
164、rtant to highlight that 5G brings new dimensions to OT environments that did not exist before.Firstly,5G significantly expands the connectivity of OT assets(and notably the Industrial IoT(IIoT),but also offers dangerous potential for DDoS and other attacks.Numerous exploits against IIoT are publishe
165、d each year by security researchers at conferences such as Black Hat and DECON,but numerous malware variants are also out there in the wild.5G connectivity is likely to accelerate targeted attacks,as Industrial Control System(ICS)assets become visible to the world.The second dimension is the softwar
166、e-defined focus of 5G,which will allow migration of existing IT-based threats to the 5G core itself and the extended network.31%67%2%My organization will be investing in 5G technology for my OT environment.Neither Agree nor DisagreeAgreeDisagree28%69%3%5G connected devices are an increasingly import
167、ant OT threat THE STATE OF OT SECURITY:A COMPREHENSIVE GUIDE TO TRENDS,RISKS,&CYBER RESILIENCEMOVING FORWARD WITH OT SECURITYThe role of cybersecurity within OT environments is visibly high on industrial operators agendas.Moving forward,the exercise is for them to understand what types of security s
168、olutions will work best and how to implement them accordingly within OT.While there are plenty of available cybersecurity technologies,part of the solution must focus on the need to eliminate inher-ent trust and preconceptions that threat actors cannot reach legacy or air-gapped systems.Another part
169、 is to address the coordination issue between IT and OT,ensuring that there is comprehensive integration and decision-making on security between the two groups.ZERO TRUST:AN ANSWER TO THE TRUST PROBLEMThe issue of inherent trust in OT environments that are increas-ingly connected and open can be sol
170、ved with the adoption of Zero Trust principles.No asset is trusted by default,requiring trust to be established each and every time using identity,access control,and authentication mechanisms on a continual basis.Deploying Zero Trust is already top of respondents minds,with 93%already familiar with
171、the technology and 87%believ-ing it to be the right fit for protecting OT environments.However,50%state that there are practical blockers to imple-mentation.These can include policy control and configuration issues for legacy devices,or the default methods contractors and in-dustrial Original Equipm
172、ent Manufacturers(OEMs)access ICSs.Over-coming the practical blockers in the face of Zero Turst can be costly and time-consuming,utilizing resources that could potentially be used elsewhere.Nonetheless,the belief is evident among respondents that Zero Trust is the right answer to OT cybersecurity.Co
173、nsequently,industrial operators are likely to place a lot of emphasis on cybersecurity vendors offering a Zero Trust solution that can ad-dress these issues and provide high levels of customer support.Extremely/very familiarLittle/No familiarityModeratelyfamiliarHow familiar are you with Zero Trust?
174、THE STATE OF OT SECURITY:A COMPREHENSIVE GUIDE TO TRENDS,RISKS,&CYBER RESILIENCEInsights from Industrial Operators “Get a reliable mechanism for managing access and identification.”“Examine network segmentation for isolating OT cybersecurity devices.”“Integrate a Zero Trust network architecture into
175、 your operational technology systems.”OT AND IT CONSOLIDATION ON THE HORIZON In order to effectively implement Zero Trust and tackle challenges related to its implementation,there is a requirement to ensure an integrated response from the industrial operator,and this means better consolidation betwe
176、en IT and OT groups.This understanding is reflected in the survey,with more than 70%of respondents clear on their intention to con-solidate IT and OT solutions from the same cybersecurity vendor.In a similar vein,more than half of the respon-dents stated their intent to use the same Managed Security
177、 Service Provider(MSSP)for both OT and IT security.For both questions,a third of respondents neither agreed nor disagreed with the statements,revealing that there was still an important segment of industrial operators that were undecided on how to proceed with IT and OT security integration.This sho
178、ws that there are challenges in deploying OT security effectively as an integrated solution alongside IT security.This can not only be attributed to the difficulties in cooperation between IT and OT teams,but also to the complexity of available security solutions that may not easily cater to both IT
179、 and OT scenarios.30 Insights from Industrial Operators “Get a reliable mechanism for managing access and identification”“Examine network segmentation for isolating OT cybersecurity devices”“Integrate a zero trust network architecture into your operational technology systems”6.2 OT and IT Consolidat
180、ion on the Horizon In order to effectively implement Zero Trust and tackle challenges related to its implementation,there is a requirement to ensure an integrated response from the industrial operator,and this means better consolidation between IT and OT groups.37%50%13%0%10%20%30%40%50%60%Zero Trus
181、t solutions are right for OTZero Trust principles are right for OT,but there are practical blockersZero Trust solutions are not right for OTDo you believe Zero Trust principles are the correct approach for protecting OT environments?THE STATE OF OT SECURITY:A COMPREHENSIVE GUIDE TO TRENDS,RISKS,&CYB
182、ER RESILIENCERegardless,79%of respondents agreed that,in the long term,OT and IT security would be seamlessly integrated and man-aged by the same solutions.This is a clear indication that OT security is as important to industrial operators as IT security,and that the two worlds are rapidly con-vergi
183、ng,both in terms of operation and in terms of protection.This is already happening outside of the security sphere,with digital transformation accelerating within industrial end markets.It goes without saying that security should,and will,follow closely.31 This understanding is reflected in the surve
184、y,with over 70%of respondents clear on their intention to consolidate IT and OT solutions from the same cybersecurity vendor.In a similar vein,over half of the respondents stated their intent to use the same Managed Security Service Provider(MSSP)for both OT and IT security.For both questions,a thir
185、d of respondents neither agreed nor disagreed with the statements,revealing that there was still an important segment of industrial operators that were undecided on how to proceed with IT and OT security integration.This shows that there are challenges in deploying OT security effectively as an inte
186、grated solution alongside IT security.This can not only be attributed to the difficulties in cooperation between IT and OT teams,but also to the complexity of available security solutions that may not easily cater to both IT and OT scenarios.26%73%2%We intend to consolidate around solutions provided
187、 by cybersecurity technology vendors who also have OT security solutions.Neither Agree nor DisagreeAgreeDisagree38%52%9%We intend to use the same MSSP for OT and IT security.31 This understanding is reflected in the survey,with over 70%of respondents clear on their intention to consolidate IT and OT
188、 solutions from the same cybersecurity vendor.In a similar vein,over half of the respondents stated their intent to use the same Managed Security Service Provider(MSSP)for both OT and IT security.For both questions,a third of respondents neither agreed nor disagreed with the statements,revealing tha
189、t there was still an important segment of industrial operators that were undecided on how to proceed with IT and OT security integration.This shows that there are challenges in deploying OT security effectively as an integrated solution alongside IT security.This can not only be attributed to the di
190、fficulties in cooperation between IT and OT teams,but also to the complexity of available security solutions that may not easily cater to both IT and OT scenarios.38%52%9%We intend to use the same MSSP for OT and IT security.Agree79%Disagree4%Neither agree or disagree 17%In the long term,OT security
191、 and IT security will be seamlesslyintegrated and managed by the same solutions/applications.CHOOSING THE RIGHT PROVIDERThe demand for cybersecurity vendors proficient in both IT and OT security is already a reality.The survey supports this,revealing that in the respondents choice of cybersecurity s
192、olutions,there was a clear preference for vendors experienced in both areas.All of the top five vendors identified by the respondents offered both IT and OT security solutions,with Palo Alto Networks leading the pack by a fair THE STATE OF OT SECURITY:A COMPREHENSIVE GUIDE TO TRENDS,RISKS,&CYBER RES
193、ILIENCE33 6.3 Choosing the Right Provider The demand for cybersecurity vendors proficient in both IT and OT security is already a reality.The survey supports this,revealing that in the respondents choice of cybersecurity solutions,there was a clear preference for vendors proficient in both areas.All
194、 of the top 5 vendors identified by the respondents offered both IT and OT security solutions,with Palo Alto Networks leading the pack by a fair margin.59%46%30%30%29%25%24%23%22%17%14%13%8%8%7%4%0%10%20%30%40%50%60%70%Palo Alto Networks Cisco CrowdStrike Check Point Fortinet Microsoft Juniper Netwo
195、rks AWS Google Siemens Nozomi Networks Dragos Scadafense Zscaler txOne Networks OtorioIs a leading supplier-Which of the following vendors do you consider to be credible OT cybersecurity technology suppliers and/or leaders?PALO ALTO NETWORKS PROMISEZero Trust OT Security by Palo Alto Networks is tai
196、lored for industrial asset owners and operators,offering comprehensive vis-ibility and security for OT environments.Extending its protective capabilities from OT networks and assets,to encompass 5G-connected assets and remote operations,Palo Alto Networks addresses the evolving challenges inherent i
197、n modern industrial environments.By leveraging Zero Trust principles,organizations can strengthen their OT environments against potential threats while maintaining operational continuity and resilience.With Zero Trust OT Security,organizations gain accurate,context-rich visibility of all assets,appl
198、ications,and users,enabling them to assess and prevent OT/ICS threats effectively,and helping simplify security and operations with a unified platform from a single vendor.It can be adapted to fit various architectures,from partially air-gapped to fully cloud-connected environments,providing a seaml
199、ess security solution for industrial THE STATE OF OT SECURITY:A COMPREHENSIVE GUIDE TO TRENDS,RISKS,&CYBER RESILIENCETOP FIVE LESSONS LEARNED BY INDUSTRIAL OPERATORSu Have a cybersecurity plan and supporting policies in place for all your operational aspects(people,processes,and technology)and revis
200、e these continuously,on a regular basis.v Communicate and collaborate on security best practices and around threat information,internally between your various teams,and externally with industry stakeholders.w Focus on identification,authentication,and access control mechanisms;this includes better O
201、T asset and inventory manage-ment.Know what you have and do not implicitly trust anything.Aspire to Zero Trust,and look for security solutions that can address both IT and OT.x Plan for failure;ensure you have incident response plans,backup,and recovery procedures in place.Be ready to react quickly
202、to any adverse event.y Enhance the security of the supply chain;perform better security assurance checks of your contractors and third parties and reevaluate them frequently.METHODOLOGYThe survey was fielded in December 2023,representing 1,979 respondents from a sample base across the following coun
203、tries:THE STATE OF OT SECURITY:A COMPREHENSIVE GUIDE TO TRENDS,RISKS,&CYBER RESILIENCEThe survey consisted of 37 objective questions,along with two open-ended qualitative questions for which respondents had the opportunity to write their answers.Those opting for non-English were translated.The quest
204、ions addressed major topics in the OT space,spanning the main perceived threats by respondents,their invest-ment objectives,and their OT cybersecurity provider preferences.The survey questions were cross-tabulated accordingly to identify the main trends based on a variety of factors,including,but no
205、t limited to,company size,industry vertical,organizational role of respondents,and cybersecurity vendor deployment.Respondents primarily had roles in OT(37.5%),IT(41.5%),or both(21%).C-level executives,se-nior managers,and team leaders made up 78.6%of the respondents.More than 54.3%of respondents we
206、re from companies with 1,000 to 5,000 personnel and the rest were organizations with more than 5,000 personnel and individual practitioners of cybersecurity at indus-trial organizations.UNITED STATES302CANADA102UNITED KINGDOM102FRANCE101GERMANY102ITALY100SPAIN100MEXICO50BRAZIL50JAPAN103SINGAPORE101I
207、NDIA103AUSTRALIA103NEW ZEALAND50THAILAND51PHILIPPINES51INDONESIA51MALAYSIA51VIETNAM51CHINA102HONG KONG51TAIWAN51SOUTH KOREATHE STATE OF OT SECURITY:A COMPREHENSIVE GUIDE TO TRENDS,RISKS,&CYBER RESILIENCEMarch 2024 ABI Research157 Columbus AvenueNew York,NY 10023 USATel:+1 516-624- ABOUT PALO ALTO NE
208、TWORKSPalo Alto Networks,the global cybersecurity leader,is shaping the future with technology that is transforming the way people and organizations operate.Our mission is to be the cybersecurity partner of choice,protecting our digital way of life.We help address the worlds greatest security challe
209、nges with continuous innovation to enable secure digital transformation.By delivering an integrated platform and empowering a growing ecosystem of partners,we are at the forefront of protecting tens of thousands of organizations across industries,clouds,networks,and devices.Our vision is a world whe
210、re each day is safer and more secure than the one before.For more information,visit .ABOUT ABI RESEARCHABI Research is a global technology intelligence firm uniquely positioned at the intersection of technology solution providers and end-market companies.We serve as the bridge that seamlessly connects these two segments by providing exclusive research and expert guidance to drive successful technology implementations and deliver strategies proven to attract and retain customers.