#Cybersecurity#OT#TrapX#ESG

TrapX: A Survey on Cyber-Vulnerabilities in Manufacturing

Cyber-attacks can be devastating, so how do can manufacturers and supply chain professionals defend against them?

|Nov 24|magazine7 min read

A survey released by TrapX Security, a global leader in ‘deception-based’ cyber defence solutions, and Enterprise Strategy Group (ESG), has recently shed light on how manufacturing companies are vulnerable to cyber-attacks, and what could be done to stop the attacks. 

The survey itself asked 150 cyber and IT professionals directly involved in security strategy, control and operations within manufacturing organisations about their current and future concerns. “The research findings point to an industry whose security teams are seeing the information technology (IT) and operational technology (OT) environments converging at a rapid pace. Yet manufacturing organisations are struggling to safeguard OT assets as they are using the same tools to safeguard their IT infrastructure as they are for OT.”

The Findings

Some key statistics found in the survey: 

  • 49% say IT and OT is tightly integrated 
  • 77% expect further IT and OT infrastructure convergence in the future 
  • 53% believe their security operations workload exceeds staff capacity 
  • 53% agreed their organisation’s OT infrastructure is vulnerable to some form of cyber-attack 
  • 43% say that the volume of security alerts have increased 

“The research illustrates a potentially dangerous imbalance between existing security controls and staff capabilities and a need for more specialised and effective safeguards,” said Jon Oltsik, ESG Senior Principal Analyst and Fellow. “Manufacturing organisations are consolidating their IT and OT environments to achieve economies of scale and enable new types of business processes. Unfortunately, this advancement carries the growing risk of disruptive cyber-attacks. 

While organisations have deployed numerous technologies for threat detection and response, the data indicates that they are overwhelmed by growing volumes of security data, visibility gaps, and a lack of staff and skills. Since they can’t address these challenges with more tools or staff, CISOs really need to seek out more creative approaches for threat detection and response.”

The Future 

The findings in the research show that there is a disconnect between IT/OT departments and managers higher up in the work-chain. That is to say, that more attention is required for the correct allocation of resources, time and professional help in certain areas of cyber-security. As stated above, with a massive influx of data, comes the necessity to vastly improve security along with it; and while we may be a little far from any major sci-fi advanced hacking techniques, companies must invest in their security across all areas, not just cyber, to have a chance of maintaining their entire supply chain, let alone their own data. 

“This research shows that manufacturing organisations are experiencing real challenges when it comes to threat detection and response, particularly for specialised OT assets that are critical for business operations,” said Ori Bach, CEO of TrapX Security. “This data, and our own experience working with innovators in all sectors of manufacturing, demonstrate there is a clear need for solutions like Deception, which can improve cyber defences and reduce downtime without the need to install agents or disrupt existing security systems and operations.”

Read the full report here
Check it out