Posts in this series
- Part 2: Factories took measures but are developing
- Part 3: Standard is way to institute collaboration
New survey report released: The state of industrial cybersecurity
Converging IT and OT with people, process and technology
Why did we conduct the survey?
Cybersecurity has become a watchword not only in the IT world but also in the ICS/OT world. Stuxnet, which targeted SCADA systems, was uncovered in 2010 as the first ICS malware to damage nuclear plants. WannaCry became a world-famous ransomware worm in 2017, spreading to hundreds of thousands of vulnerable computers and encrypting their data. Last year, we saw some incidents caused by SNAKE/EKANS, a kind of ransomware targeting ICS platforms.
It has not been a short time since we began developing cybersecurity for ICS/OT, but it still seems to be far behind IT security.
Trend Micro's latest survey in the US, Germany and Japan reveals the state of industrial cybersecurity in factories and offers insights for taking a step forward.
In this survey, we look at the state of cybersecurity from three aspects: people, process and technology. People means organization, staff skills, knowledge and communication. Process includes assessment, planning, implementation, operation in normal times and incident response. Technology depends on what kind of security tools or systems are used in the factory.
IT and OT convergence is also an important initiative for manufacturing companies that aim to survive and grow their business by promoting digital transformation. We dive deep into the awareness gap between IT and OT.
Respondents' awareness of cybersecurity in factories
Respondents are more aware of technology (78%) than of people (68%) and process (67%). Overall, technical challenges are the biggest in factories. Nevertheless, nearly 70% of respondents are aware of people and process issues in factory cybersecurity. Most respondents regard cybersecurity in factories as a technological problem, but understand that action is also needed on people and process.
OT recognizes people and processes as issues more than IT does
When we look at the difference between IT and OT respondents, OT is more concerned about people and process than IT is. Among OT respondents, the rates of those who answered that they have challenges in people (72%) and process (74%) come close to the rate for technology (78%). It seems that OT, more than IT, thinks people and process play an important part in cybersecurity. This might be one of the gaps in awareness between IT and OT. So if the IT team takes the approach of deploying security measures for industrial cybersecurity, it should recognize the awareness gap and make more effort to understand the people and process problems that the OT team is concerned about.
What are the people and process problems for OT? When we dive into the specific problems they are concerned about, Fig.1-3 shows three items with a large difference between IT and OT.
- System assets in our smart factories are not listed and the importance of assets is not defined: IT 42% - OT 52%
- We have not identified cyber threats and vulnerabilities in our factories' systems: IT 44% - OT 54%
- We have not set a target cybersecurity level when considering cybersecurity countermeasures for our smart factories: IT 45% - OT 52%
These are process problems. OT finds it difficult to grasp all of its assets and risks and to set a target.
In addition, both IT and OT are struggling to find appropriate technical solutions that are effective, suit their environment and cause no disruption to normal operation.
Technology is the biggest challenge in each country
Fig.1-4 shows how many respondents in each country are aware of problems with people, process and technology in promoting cybersecurity in factories.
All of the US rates are relatively lower than the others. In this survey we also asked more detailed questions about which measures respondents have already implemented. In the results of those questions, the US seems to be one step ahead of the others on the basics, which might make its awareness lower.
Germany and Japan show similar results, but Germany has a similar degree of awareness across all three aspects, while Japan has much more awareness of technology than of the others. Germany seems to think people and process play an important part in cybersecurity. Japan, on the other hand, thinks cybersecurity depends very much on technology.
Understanding the differences in awareness between IT and OT, and between countries, would help us bridge the gap and move cybersecurity forward.
To read the full report of this survey, please download it below.
Whitepaper: The State of Industrial Cybersecurity
In addition, we discussed converging IT and OT in the previous blog series and introduced the white paper, which shows some examples of practical approaches.
Related link
Blog:
Factory Security Problems from an IT Perspective (Part 1): Gap between the objectives of IT and OT
Whitepaper:
Two Approaches to Smart Factory Security: Merging Perspectives from IT and OT