Survey results to be discussed at PAS OptICS 2020 conference along with more than two dozen sessions featuring industry executives, experts, and practitioners
PAS Global, the OT Integrity company, announced findings from its survey of Operational Technology (OT) Cybersecurity Readiness including that 85% of respondent organizations are not highly prepared for an OT cyber attack. This finding and others will be discussed at OptICS 2020, taking place on October 27 and 28 online and around the world.
Survey respondents were asked to gauge the degree of OT cybersecurity risk for several potential threats. “Human Error” topped the list as the highest risk area followed by “Nation States”, “Digital Transformation”, “Remote Work“, “Criminal Activity”, and “Internal Malicious Actors”.
PAS Global today announced that 85% of industrial organizations are not highly prepared for an OT cyber attack.
Other survey highlights to be discussed at the conference include:
- Only 12% of respondents indicated OT cybersecurity risk is low
- 37% have experienced an OT cybersecurity incident in the last year or do not know if they have
- 85% reported an inadequate OT asset inventory
- 38% are taking an ad hoc or reactive approach to OT vulnerability management
- Only 27% are taking a proactive approach to OT vulnerability management based on business risk
“The need to reduce OT cybersecurity risk is more important than ever with inadvertent human error representing the greatest threat according to our survey respondents followed by adversarial nation states, expanding digitalization and an increasingly remote workforce,” said Eddie Habibi, CEO and Founder of PAS. “Organizations such as the Cybersecurity and Infrastructure Security Agency (CISA) in the United States Government continue to raise awareness of the threat, however, our survey demonstrates there is still a long way to go.”
“With only 12% of respondents indicating the OT cybersecurity risk to their organization is low, it is surprising to see just 15% say they are highly prepared for an OT cyber attack,” Habibi continued. “Additionally, 16% of respondents said they had experienced an OT cyber incident in the last year, which indicates such attacks are not isolated cases any longer. We should be just as concerned, however, that 21% of the respondents were unsure whether their organization had experienced an OT cybersecurity attack in the last year.”
“It is a foundational best practice in OT cybersecurity to have a detailed and accurate asset inventory,” said Mark Carrigan, Chief Operating Officer of PAS. “However, 85% of our survey respondents reported having an inadequate inventory. While the industry has made strides over the last few years, it is clear much more work needs to be done.”
“Trying to reduce OT cybersecurity risk without a solid OT asset inventory is like attempting to build a house without a solid foundation,” Carrigan added. “As such, it is not surprising that 38% of respondents indicate their organization is taking only an ad hoc or reactive approach to OT vulnerability management with just 27% taking a proactive approach based on business risk.”
In addition to the keynote address from Mr. Habibi and Mr. Carrigan, which will discuss the results of the survey in further detail, some of the other notable conference speakers include:
- Shola Anjous, OT / ICS Leader – Motiva
- Michael Carroll, VP Innovation – Georgia-Pacific
- Eric Cosman, President – The International Society of Automation
- Juan Espinosa, Principal Project Manager – Parsons
- Kristin Hanie, Senior Engineer – Southern Company
- Jason Haward-Grau, Managing Director of Cyber…