Kaspersky Lab State of Industrial Cybersecurity Survey Reveals Industrial Organization IoT Concerns

Woburn, MA, June 26, 2018 –Kaspersky Lab announced a new “State of Industrial Cybersecurity 2018” survey, which found that 65 percent of organizations globally believe that OT/ICS security risks are more likely with IoT, therefore over the next year, realizing IoT use cases and managing connected devices is a major priority for more than half (53%).

To gain a better understanding of the issues and opportunities faced by ICS organizations today, Kaspersky Lab and Pierre Audoin Consultants (PAC – a CXP Group Company) conducted a survey of 320 global professionals with decision-making power on OT/ICS cybersecurity from 25 countries across the globe from April to May 2018. As the trend for digitalization – including increased connectivity and IoT – grows among industrial organizations, so do the cybersecurity risks associated with complex industrial environments.

The convergence of IT and OT, the wider connectivity of OT with external networks, and the growing number of industrial IoT devices is boosting the efficiency of industrial processes, but also presents new risks and points of vulnerabilities. Many industrial organizations surveyed feel unsafe, with over three quarters (77%) of respondents saying that their organization is likely to become the target of a cybersecurity incident involving their industrial control networks.

Of the concerns related to IoT, over half (54%) of respondents claim that the increased risks associated with connectivity and the integration of IoT ecosystems are a major cybersecurity challenge, as well as new types of IoT security measures that need to be implemented (50%) and the implementation of IoT use cases (45%). Although IoT presents many new concerns for organizations, protection against traditional cyber threats still needs to be top of mind.

Companies relying on ICS are still falling victim to more conventional threats, including malware and ransomware. While concerns have grown around the risk of targeted attacks and APTs (66%), almost two-thirds (64%) of companies experienced at least one conventional malware or virus attack on their ICS in the last year, 30 percent of companies suffered a ransomware attack, and 27 percent had their ICS breached due to the errors and actions of employees. Although it was the top concern, targeted attacks affecting the sector accounted for only 16 percent in 2018 (down from 36% in 2017). This proves a disconnect between the perception of organizations’ concerns and the reality of the threats they face.

“With the sector embracing more digital trends such as cloud and IoT to further drive efficiencies, the challenge and importance of cybersecurity becomes even more vital to keep critical systems running and businesses operational,” said Georgy Shebuldaev, brand manager, Kaspersky Industrial Cybersecurity. “The good news is that we are seeing more and more businesses improving their cybersecurity policies to include dedicated measures towards safeguarding their industrial control networks. While this is a step in the right direction, action needs to go further to keep up with the pace of digitalization. This includes updating incident response programs to cover specific ICS actions and using dedicated cybersecurity solutions to help meet the challenge.”

With companies investing in further smart technologies and automation, and the adoption of industry 4.0, connectivity and IoT will continue to rise. In fact, when it comes to wireless networks and cloud computing for OT/ICS use, 15 percent of industrial organizations already use cloud solutions for SCADA control systems and 25 percent are planning to implement it in the next year. This signifies a drive towards using the cloud for the high-level management of critical infrastructure which presents a new challenge for industrial organizations to properly secure these critical environments.

While always maintaining protection from traditional threats, it is vital that industrial organization cybersecurity measures keep up with the rate of technology adoption to ensure that the rewards outweigh the risks. Businesses also need strong ICS incident response programs to avoid compromising severe operational, financial and reputational damage. With a specific incident response program and dedicated cybersecurity solutions to manage the complex nature of the connected and distributed industrial ecosystems, businesses can keep their services, products, customers, and environments safe.

To find out how Kaspersky Lab can help protect your ICS network, please visit https://ics.kaspersky.com/.

About Kaspersky Lab

Kaspersky Lab is a global cybersecurity company, which has been operating in the market for over 20 years. Kaspersky Lab’s deep threat intelligence and security expertise is constantly transforming into next generation security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky Lab technologies and we help 270,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.

Kaspersky Lab Media Contact:

Denise Berard

781.503.1836

Denise.Berard@kaspersky.com