One in four industrial enterprises had to temporarily cease operations due to cyberattacks within the past year, according to a report from ABI Research and Palo Alto Networks, suggesting operational technology (OT) security must be improved.

According to the results of the State of OT Security survey of nearly 2,000 executives and practitioners across 16 countries, the complexity of OT security solutions is an additional concern.

More than 60% of those surveyed expressed apprehension regarding the complexity of available solutions when making purchasing decisions.

The complexity not only poses logistical challenges but also raises questions about the efficacy of existing security measures in safeguarding industrial operations against cyber threats.

The report also sheds light on the evolving threat landscape facing OT environments and highlights the attractiveness of such environments to cyberattackers, given the potential for significant financial or political gain.

Seventy percent of industrial organizations fell victim to cyberattacks over the past year, with more than a quarter (26%) experiencing them weekly or more.

In addition to existing threats, industrial asset owners and operators are increasingly wary of emerging technologies and their associated risks.

The rise of artificial intelligence (AI) and the integration of 5G-connected devices are perceived as critical threats to OT infrastructure by a significant portion of respondents.

Internally, industrial organizations face challenges related to alignment and regulatory compliance.

The report revealed a significant misalignment between IT and OT teams within organizations, with only 12% reporting alignment.

Furthermore, executives and practitioners are anticipating heightened regulatory pressure on OT security in the coming years, reflecting a growing awareness of the need to bolster security measures to meet evolving compliance standards.

Despite these challenges, decision-makers are increasingly recognizing the importance of consolidated solutions and a zero-trust approach in securing OT environments.

The report indicated there is a growing consensus among respondents regarding the need for simplified and streamlined security solutions to effectively mitigate cybersecurity threats.

Additionally, there is a recognition of the pivotal role of cloud-based solutions in securing evolving OT environments, with more than 80% of respondents acknowledging their significance.

Matthieu Chan Tsin, vice president, head of cybersecurity services at Cowbell Cyber, said there are several key steps companies can take to simplify and strengthen OT security infrastructure.

“First, segment networks to isolate IT from OT systems, reducing the risk of crossover attacks,” he explained. “Ensure timely patch management to mitigate vulnerabilities, consider operational constraints and implement enhanced access controls like multi-factor authentication and strict role-based access.”

Organizations must also continuously educate employees on cybersecurity and maintain incident response plans tailored to the OT environment.

“Finally, utilizing real-time monitoring and detection tools, vetting third-party vendors for security and prioritizing robust backup and disaster recovery procedures for operational continuity,” Tsin added.

Jose Seara, CEO and founder at DeNexus, said segmentation of networks and systems between OT and IT is one of the absolute first steps to implement, noting that industrial environments usually operate across multiple geographical sites.

“Quantifying cybersecurity risk at each site to know how to prioritize risk mitigation or cybersecurity projects is an important step to streamline OT security and focus on what’s really important,” he said.

He explained that developing a common view of the cybersecurity risks faced by the company, measured as potential loss, can act as a catalyst for IT and OT to develop a common language for cybersecurity, reconcile diverging goals and collaborate on risk mitigation projects that really need attention.

“It’s also a perfect time to renew one’s approach to cybersecurity and start with the quantification of cybersecurity risk so that the focus of cybersecurity budgets and projects is placed on the greatest risks, for example, where the business could face the greatest financial losses,” Seara said.

Marcus Fowler, CEO of Darktrace Federal, explained that by tapping into modern AI tools, organizations can use the technology to develop a robust understanding of their environments.

They can then use this information to implement proactive security drills and scenarios to identify potential areas of vulnerability.

“This approach helps OT teams to more accurately assess their overall risk, identify potential attack paths and better thwart potential disruptions before they occur,” he said.

These tools can draw upon their understanding of an environment to send automated alerts that help users contextualize and understand the severity of potential attacks.

“This ensures OT teams can save precious time and prioritize the most pressing threats to business function,” Fowler said.