Remote Work Has Opened New Cyber Vulnerabilities, Survey Finds
- Oct 9, 2020 2:07 pm GMT
Cyber threats to industrial enterprises have grown since the start of the pandemic, and with the move to remote work, many organizations have increased their focus on operational technology and IoT security.
A research report from Claroty found that more than 50% of U.S. industrial enterprises have seen an increase in cybersecurity threats since the start of the Covid-19 pandemic. Electric utilities ranked among the top five sectors found to be most vulnerable to a cyber attack.
The firm’s global survey included 1,100 information technology (IT) and OT security professionals.
According to the report, The Critical Convergence of IT and OT Security in a Global Crisis, 51% of U.S.-based respondents said their organization is now more of a target for cyber attack than before Covid-19. Roughly two-third reported seeing cyber criminals use new tactics to target their organization.
The evolving nature of cyber attacks was the subject of a recent Energy Central PowerSession. One of the expert panel member, Andrew Bochman, senior grid strategist with Idaho National Laboratory, said that "Everyone, from senior government leadership to Boards of Directors to industry oversight and stakeholder bodies, is frustrated by how little confidence they have in the current state of cyber defense."
He said that current best practice approaches to cybersecurity are "clearly incapable" of stopping targeted attackers from creating "potentially catastrophic results." He added that from a national security perspective, it is not just the damage to the military, the economy, or very important companies that is a concern, but the downstream effects from prolonged regional blackouts and other disruptions.
The Claroty report said that Covid-19 has accelerated the convergence of IT and OT networks, with 65% of U.S. respondents saying that their IT and OT networks have become more interconnected since the pandemic began, and 73% expecting them to become even more interconnected as a result of it. IT/OT convergence can be detrimental because threats – both targeted and non-targeted – can move freely between IT and OT environments.
Even so, a majority of U.S. respondents to the survey said they have found it more challenging to collaborate with their IT or OT counterparts during the pandemic. And 44% said they believe that their OT networks are less secure than their IT networks.
The report said that having a crisis plan that enables secure remote access is important in organizations’ efforts to adapt quickly and safely to growing trend of remote work. Even so, one-quarter of U.S. respondents said they top cybersecurity executive did not have a pre-existing response plan. Another 26% said they organizations struggled with the shift to a dispersed workforce, and 22% said their organization did not have a pre-existing secure remote access solution aside from VPN that allowed employees to securely work from a remote location.
More than 80% of U.S. respondents said they were confident that their organization is prepared from a cybersecurity perspective for another major disruption down the road. Nearly 9 out of 10 said that their organization has updated its cybersecurity crisis response plan to reflect a more remote workforce.
No discussions yet. Start a discussion below.
Get Published - Build a Following
The Energy Central Power Industry Network is based on one core idea - power industry professionals helping each other and advancing the industry by sharing and learning from each other.
If you have an experience or insight to share or have learned something from a conference or seminar, your peers and colleagues on Energy Central want to hear about it. It's also easy to share a link to an article you've liked or an industry resource that you think would be helpful.