Over half (56%) of IT and operational technology (OT) security professionals from industrial enterprises have experienced a rise in cybersecurity threats since the start of the COVID-19 pandemic in March, with 72% finding that their jobs have become more challenging.
This is according to a new report from Claroty entitled The Critical Convergence of IT and OT Security in a Global Crisis, which surveyed the concerns, attitudes and experiences of 1100 full-time IT and OT security professionals involved in critical infrastructure components within large organizations in Europe, North America and Asia Pacific.
It also found that 70% have observed cyber-criminals using new tactics to target their organizations during the crisis.
Among the 200 UK-based respondents, almost a third (32%) said that their organization’s OT environment is not properly safeguarded from potential threats, while one-fifth revealed their enterprise did not make cybersecurity a priority during this time.
Challenges around the adoption of new technologies (41%) and collaboration between siloed IT and OT teams (56%) were also highlighted by those in the UK.
There were plenty encouraging signs that organizations are adapting to the new environment, however, with 83% of UK-based IT and OT professionals saying that their organization is prepared should another major disruption occur.
In addition, globally, two-thirds (67%) believe their IT and OT networks have become more interconnected since the pandemic started while 75% expect them to be even more interconnected going forward.
The five industries considered to be most vulnerable to attack by those surveyed were ranked as pharmaceutical, oil & gas, electric utilities, manufacturing and building management systems.
Yaniv Vardi, CEO of Claroty, commented: “While we would be short-sighted to think that we won’t have more challenges as we continue to face unknowns from this pandemic, protecting critical infrastructure is especially important in a time of crisis.
“As large enterprises are trying to improve their productivity by connecting more OT and IoT devices and remotely accessing their industrial networks, they are also increasing their exposure as a result. OT security needs to be brought to the fore and made a priority for all organizations. Attackers know that IT networks are covered with cybersecurity solutions so they’re moving to exploit vulnerabilities in OT to gain access to enterprise networks. Not protecting OT is like protecting a house with state-of-the-art security and alarm systems, but then leaving the front door open.”