How to Reduce the Cost and Risk of OT Cyber Security Incidents?
Cyberattacks can cause catastrophic business disruptions and lead to financial losses reaching hundreds of millions of dollars.
The World Economic Forum’s 2020 Global Risk Report ranked cyberattacks on critical infrastructure that disrupt operations and disrupt operations among the top five emerging global risks. Accenture also estimates in its research that the number of cyber attacks has increased by 67% in the last five years.
The increasing digital connectivity and accessibility of industrial networks makes them vulnerable to cyber threats, not only IT systems, but also operational technology (OT) systems, emphasizing the importance of cyber protection.
An analysis of the most significant cyberattacks that have occurred in various industries over the past five years, conducted by Nozomi Networks, shows that OT systems are frequently affected by cyberattacks. Industry sources confirm that regardless of the type of malware used, organizations suffer business disruption, loss of information, loss of revenue and equipment damage.
Fortunately, new technologies are available that significantly reduce the risk by improving the cybersecurity of industrial networks. It is simpler to deploy than you might imagine, providing almost immediate return on investment.
Featured Industrial Cyber Security Incidents
Duke Energy Corp. has been fined $10 million by the North American Electric Reliability Corporation (NERC) for cybersecurity breaches that occurred between 2015 and 2018. The 127 security rule violations included failing to protect sensitive information about its most critical cyber assets and allowing improper access to sensitive systems and physical locations.
A NotPetya attack disrupted operations for two weeks, blocking access to the systems the company relies on to operate its shipping terminals. The incident temporarily shut down the Port of Los Angeles’ largest cargo terminal. The company lost $300 million in business interruptions and equipment damage.
Maersk had to carry out an almost complete infrastructure overhaul. In 10 days they reinstalled 4,000 servers, 45,000 computers and 2,500 applications, a process that would normally take six months.
A petrochemical plant owned by Tasnee in Saudi Arabia fell victim to a cyber-attack aimed at affecting its physical process by interacting with and controlling its security system. Fortunately, TRITON’s programming led to an automatic and safe shutdown of the plant, rather than the intended explosion or uncontrolled outage.
While the costs of the incident were not disclosed, they included business interruption, process disruption, lost revenue and a major cyber investigation.
Ransomware LockerGoga blocked the company’s systems, forcing a shift to manual processes and workarounds. The Export Solutions unit, which produces components for automobile manufacturing, construction and other industries, was forced to reduce its production by 50%.
Administrative systems such as reporting, accounting and invoicing experienced delays. It took several weeks for Norsk Hydro to return operations to normal. Lost margins and lower production volumes were estimated to cost up to $70 million.
How to Reduce Risk with OT and IoT Visibility and Security Technology
To reduce the risk of a cyberattack that disrupts businesses and impacts the bottom line, organizations need to treat the cybersecurity risks of industrial systems with the same rigor they apply to IT systems.
Doing so requires technology that monitors and protects OT networks in real time. Nozomi Networks’ solution is ideal because it is purpose-built and secure for industrial networks, while easily integrating with existing security infrastructure.
Providing a common platform for both IT and OT teams, the Nozomi Networks solution offers
- Superior OT and IoT visibility
- Best-in-class OT and IoT threat detection
- Fast centralization to many discrete sites
1- CYBER SECURITY STANDARDS MUST BE MET
Nozomi Networks solution minimizes the damage and cost of OT cyber incidents by increasing the cyber resilience of industrial networks and reducing the average time it takes to respond to cyber threats, Automatically identifies weaknesses in industrial control networks that compromise cyber security.
IT/OT teams gain real-time visibility of industrial network and cybersecurity risks, helping them improve cyber resilience. Ongoing efforts in this area enable an organization to implement the best practices needed to meet and exceed cybersecurity standards.
2- DETECTING AND BLOCKING RANSOMWARE ON THE NETWORK
Ransomware is one of the fastest growing types of cyberattacks, with a 21% jump in losses last year. The Nozomi Networks solution quickly identifies known ransomware on industrial systems. Staff are alerted and provided with the OT-specific information and tools they need to quickly contain and mitigate damage.
To ensure risk monitoring is up-to-date, the Nozomi Networks solution includes a subscription service called Threat Intelligence. It offers regular threat and vulnerability updates generated by a team of expert industrial security researchers.
3- IDENTIFYING AND STOPPING OT-SPECIFIC MALWARE
Malware is the most costly type of cyber-attack for organizations, averaging $2.6 million annually. The Nozomi Networks solution instantly identifies known malware specific to OT and is regularly updated through the Threat Intelligence service.
In the case of new malware without a signature, anomaly detection is used to identify suspicious activity.
4- HOW TO MITIGATE RISK
Recovery costs and efforts to repair operational and reputational damage can place a significant burden on leadership teams. Proactive planning, smart investments in technology, and integration of IT and OT security systems can prevent or mitigate the negative consequences of cyberattacks.
Leading Solution for OT and IoT Security and Visibility
Nozomi Networks is the leader in OT and IoT security and visibility. We accelerate digital transformation by unifying cybersecurity visibility for the world’s largest critical infrastructure, energy, manufacturing, mining, transportation, building automation and other Leading OT sites. Making it possible to tackle growing cyber risks through exceptional network visibility, threat detection and operational insight.
IMPROVING ENTERPRISE-WIDE CYBERSECURITY
With increasing cyber threats dominating the news every day, there is reason for optimism. The Nozomi Networks solution is cutting-edge, easy and secure, significantly improving OT/IoT cybersecurity and seamlessly integrating with IT infrastructure.
Contact us to see OT and IoT security and visibility in action and experience how easy it is to work with Nozomi Networks: hello@cerrus.io