MELBOURNE, AUSTRALIA, August 2023 – Rockwell Automation, the world’s largest company dedicated to industrial automation and digital transformation, has partnered with cybersecurity experts, Claroty, to release a white paper on safeguarding Australia and New Zealand’s industrial systems.
In the face of an ever-growing climate of cybersecurity attacks, operational technology (OT) security specialists bear the weight of safeguarding Australia and New Zealand’s most critical infrastructure. Ensuring uninterrupted essential services such as energy, food and beverage, healthcare, data processing, and mining industries demands utmost vigilance. However, the recent Rockwell Automation and Claroty survey of 42 C-suite executives and heads of security exposes a concerning truth – many OT systems remain exposed and vulnerable.
“A lot of the challenges organisations face today can be traced back to the fact that OT has traditionally been operated and managed as a separate entity from conventional environments,” says Anthony Wong, regional director, South Pacific, for Rockwell Automation.
The survey bears this out with only 26% of respondents admitting that there is a low or medium level of collaboration between OT and IT, and the two units could do better.
“Cybercriminals are turning to lesser protected OT systems to breach the company’s defences,” says Wong. The cyber-attack on meat packing company JBS, forced the temporary shutdown of 47 sites across Australia and a ransom demand of $14.2 million. Increasingly, cybercriminals are exploiting lax OT security as springboards to launch a wider attack across the organisation.
Key Findings: A Wake-Up Call
- 65% of respondents detected at least one OT-related cybersecurity incident in the last 12 months.
- 60% of cybersecurity leaders believe their budget is not enough to protect their operations
- 29% of respondents were concerned that an OT security incident could disrupt their production.
- 26% of respondents admitted having low or medium levels of visibility into the operations of their network.
- 26% of respondents worry that attacks could compromise the safety of their employees or others
- Just 14% of respondents feel well equipped to identify an OT cybersecurity incident.
A Disconnect Threatening Resilience
The survey reveals a significant challenge faced by companies – the ongoing disconnect between teams managing OT and information technology (IT) systems. A quarter of respondents admit that their IT and OT business units are not collaborating as effectively as they should be. This lack of cohesion poses critical risks to the integrity, availability, and business continuity of critical infrastructures.
“Segregating OT and IT responsibilities used to be manageable because disconnected OT systems were seen as being functionally separate from mainstream systems. But with casual connectivity now built into nearly every device installed into corporate networks, these assumptions no longer hold true,” said Wong.
Securing the Future
To confront these pressing issues, it is imperative to bridge the gap between OT and IT teams and secure the infrastructure against relentless exploitation. Implementing full-spectrum IT/OT/Internet of Things (IoT) visibility and detection capabilities becomes essential to combat threats that transcend the IT/OT boundary.
