Study reveals most
organizations take additional precautions to secure IIoT
Portland, Ore. – March 13, 2017 – Tripwire, Inc. today
announced the results of a study conducted in partnership with Dimensional
Research. The study looked at the rise of Industrial Internet of Things (IIoT)
deployment in organizations, and to what extent it is expected to cause
security problems in 2017.
IIoT are the connected devices in critical infrastructure
segments such as energy, utilities, government, healthcare and finance.
Tripwire’s study revealed that:
- Ninety-six percent of those surveyed expect to see an increase in security attacks on IIoT in 2017.
- Fifty-one percent said they do not feel prepared for security attacks that abuse, exploit or maliciously leverage insecure IIoT devices.
- Sixty-four percent said they already recognize the need to protect against IIoT attacks, as they continue to gain popularity among hackers.
“Industry
professionals know that the Industrial Internet of Things security is a problem
today. More than half of the respondents said they don’t feel prepared to
detect and stop cyber attacks against IIoT,” said said David Meltzer, chief
technology officer at Tripwire. “There are only two ways this scenario plays
out: Either we change our level of preparation or we experience the realization
of these risks. The reality is that cyber attacks in the industrial space can
have significant consequences in terms of safety and the availability of
critical operations.”
“As Industrial companies pursue IIoT, it’s important to
understand the new threats that can impact critical operations. Greater
connectivity with operational technology (OT) exposes operational teams to the
types of attacks that IT teams are used to seeing, but with even higher
stakes,” said Robert Westervelt, security research manager at IDC. “The
concern for a cyber attack is no longer focused on loss of data, but safety and
availability. Consider an energy utility as an example - cyber attacks could
disrupt power supply for communities and potentially have impact to life and
safety.”
The study’s respondents were also asked how they expect
their organizations’ deployment of IIoT devices to change, and how it will
affect their level of vulnerability. Tripwire found that:
- Ninety percent expect IIoT deployment to increase.
- Ninety-four percent expect IIoT to increase risk and vulnerability in their organizations.
- When respondents were broken down by company size, both larger companies (96 percent) and smaller companies (93 percent) expect a significant increase in risk caused by the use of IIoT.
Meltzer continued, “The Industrial Internet of Things ultimately delivers value to organizations,
and that’s why we’re seeing an increase in deployments. Security can’t be an
industry of ‘no’ in the face of innovation, and businesses can’t be effective
without addressing risks. The apparent contradiction of known risks and
continued deployment demonstrates that security and operations need to
coordinate on these issues. While IIoT may bring new challenges and risks, the
fundamentals of security still apply. Organizations don’t need to find new
security controls, rather they need to figure out how to apply security best
practices in new environments.”
No comments:
Post a Comment