Hybrid Cloud
Cyber Security & NaaS
AI & Data
IoT & Connectivity
Business Applications
Intelligent Workplace
Consulting & Professional Services
Small Medium Enterprise
Health and Social Care
Industry
Retail
Tourism and Leisure
Transport & Logistics
Energy & Utilities
Banking and Finance
Sports
Smart Cities
The current state of Industrial Cyber Security: where do we really stand?
We often assume that factories or industrial environments don't require as much cyber security as office settings. Nothing could be further from the truth... A single production line can be shut down for days. The impact? Millions in losses... and even risks to people's physical safety.
That’s why we’ve spent years reviewing and analysing cyber security across industrial environments in all sectors: from energy and transportation to manufacturing, chemical industry, healthcare and retail.
Over this time, we’ve helped various companies achieve better protection of their OT (Operational Technology) environments through numerous assessments, diagnostics, designs and service deployments.
This allows us to offer a clear snapshot of the current state of industrial cyber security.
What are we seeing on the ground?
Thanks to the various Industrial Cyber Security Assessments (ICSA) we conduct diagnostics, analysis and architecture evaluations, and the services we provide, we’ve been able to build an accurate picture of the state of OT cyber security.
Over time, we’ve observed that most organisations are still in the early or intermediate stages of maturity when it comes to industrial cyber security. That said, we’re also seeing a growing awareness and recognition of the importance of protecting OT environments.
Even so, we continue to find major gaps that are recurring across different sectors:
- Incomplete inventories of OT assets.
- Flat networks with no proper segmentation or IT/OT separation.
- Use of default passwords, shared credentials, or no password rotation policies.
One of the most critical issues we detect is the lack of real-time visibility into what’s happening in OT networks. This is despite the fact that specialised technologies in this area are gaining traction, although their deployment is still limited in many companies.
This type of OT monitoring is essential for strengthening cyber security posture. In fact, during our lab demonstrations for clients, we’ve shown how active monitoring enables early detection, before they become incidents, of real-time attacks, behavioural anomalies and insecure configurations in industrial devices. This, in turn, enables a rapid response to any threat.
Photo: Ugi K. on Unsplash.
The data speaks for itself
In recent years, we’ve come across various scenarios:
- Assuming the OT network is isolated; for example, we recently found a control PC directly connected to the Internet.
- Not knowing how many industrial devices are connected or what firmware they’re running. In one case, a client believed they had 50 OT devices, it turned out to be over 100.
- Finding shared passwords between several people, or written on post-its stuck to monitors or control cabinets, posing a serious risk to critical systems.
From this, we’ve gathered the following statistics:
- Default credentials were found in over 80% of cases.
- More than 70% of OT networks lack proper segmentation between operations and supervisory zones.
- Over 60% of environments analysed had devices running outdated firmware or without security patches.
This data paints a worrying picture, but also points to a huge opportunity for improvement. It can serve as a starting point for building a roadmap of corrective measures and technology proposals to help strengthen industrial cyber security.
Photo by Kimberly Nguyen on Unsplash.
The human factor
While technology solutions are important, they’re only one part of the equation. Staff training and awareness are key to preventing cyber security incidents. Initiatives such as workshops, training courses and incident response simulations are helping to close this gap.
In short, industrial cyber security is no longer optional. The threats are real, but so are the opportunities: every assessment, every training session and every project helps us to learn, improve and build a more resilient ecosystem.
You don’t have to implement every change overnight, but you do need an action plan, which can be carried out internally or through professional services.
