Industrial IoT And OT Security Critical: Study


For organisations with completed IIoT and OT security projects, 75 per cent have experienced no impact at all from a major incident

Critical infrastructure has increasingly come under attack, and businesses are facing significant challenges as the geopolitical landscape becomes increasingly tense, new research from cloud-enabled security solutions provider Barracuda Networks has found.

Organisations recognise the importance of security in the industrial internet of things (IIoT) and operational technology (OT), but security breaches have resulted in monetary losses and significant downtime for organisations.

Tim Jefferson, Senior Vice President, Engineering for Data, Networks and Application Security, Barracuda said, “In the current threat landscape, critical infrastructure is an attractive target for cybercriminals, but unfortunately IIoT/OT security projects often take a backseat to other security initiatives or fail due to cost or complexity, leaving organisations at risk. Issues such as the lack of network segmentation and the number of organisations that aren’t requiring multifactor authentication leave networks open to attack and require immediate attention.”

Organisations across the board have acknowledged the importance of investing even further in IIoT and OT security, with 96 per cent of business leaders noted that their organisation needs to increase their investment in industrial security. A total of 72 per cent of organisations signalled that they have either already implemented or are implementing IIoT/OT security projects. Still, many are facing significant challenges when it comes to implementation, including basic cyber hygiene.

However, 93 per cent have failed in their IIoT/OT security projects. For organisations with completed IIoT and OT security projects, 75 per cent have experienced no impact at all from a major incident.

“IIoT attacks go beyond the digital realm and can have real-world implications. As attacks continue to rise across industries, taking a proactive security approach to industrial security is critical for businesses to avoid being the next victim of an attack,” said Klaus Gheri, VP Network Security, Barracuda.

IIoT and OT security remain significant targets for attackers, but there is hope for businesses that take a proactive approach. Companies should implement tools to combat these challenges, including using secure endpoint connectivity devices and ruggedised network firewalls, all centrally deployed and managed via a secure cloud service that can enable effective network segmentation and advanced threat protection multifactor authentication, and even implement Zero Trust Access.