Over 80% of CNI Firms Have Been Breached in Past 36 Months

Over 80% of CNI Firms Have Been Breached in Past 36 Months

Most IT and security leaders in critical infrastructure (CNI) organizations are underestimating the scale of the cyber-threat, despite having suffered breaches over the past three years, according to Skybox Security.

Cybersecurity vendor, Skybox Security, polled 179 operational technology (OT) security decision-makers in the US, UK, Germany, and Australia with most hailing from companies with $1bn or more in revenue from the manufacturing, energy, and utility industries.

The study found that 73% of CIOs and CISOs are "highly confident" their organizations will not suffer an OT breach next year, despite 83% having suffered such an incident over the past 36 months.

Tellingly, just 37% of hands-on plant managers were similarly confident, highlighting the disconnect between perception and reality at a senior decision-making level.

A third (34%) of respondents also appeared to be over-relying on insurance as a security ‘strategy,’ claiming it is a sufficient solution.

However, some did recognize escalating cyber-threats. Two-fifths (40%) noted that supply chain/third-party network access is one of their top three security risks, but less than half (46%) said their organization has a third-party access policy applicable to OT. 

Silos and tech complexity also weighed heavily on

Read More: https://www.infosecurity-magazine.com/news/over-80-cni-firms-breached-past-36/