expert
OPINION
BEN MILLER , CISO AT DRAGOS
In the latter part of 2023 , Dragos , a prominent figure in the realm of cybersecurity , unveiled a pioneering threat report . Its pages layered alarming statistics revealing a staggering 50 % surge in ransomware assaults targeting industrial entities compared to the previous year . The report further uncovered a startling revelation that more than 70 % of these ransomware onslaughts were specifically directed at manufacturers . Ben Miller , CISO at Dragos , speaks to Intelligent CISO ’ s Arrey Bate about key OT cybersecurity trends in 2024 , the effects and impacts of attacks on supply chains and steps industrial organisations can take to strengthen their cybersecurity posture .
Fortifying defences : Strategies for industrial titans in the face of cyber onslaught
How has cybersecurity evolved over the years and how have threat groups adapted their strategies to target Operational Technology infrastructure ?
Reflecting on the infrastructure developments over the past 20 to 25 years , there ’ s been a notable shift from highly customised systems to more standardised and interconnected ones . This evolution has simplified vulnerabilities in many ways . However , alongside this , attacks within industrial control systems and the IoT space have also evolved .
Around 10 years ago , adversaries focused on impacting specific devices with significant resources . Now , they ’ ve expanded their capabilities to affect various devices across different vendors and controller types . This broadened reach demonstrates their increased proficiency to impact multiple verticals and facility types simultaneously .
This analysis is evident in the Dragos OT Cybersecurity Year in Review report .
The OT Cybersecurity Year in Review report recorded a 50 % increase in ransomware attacks on industrial organisations over the last year – what are some specific challenges manufacturers face ?
Manufacturing sectors face tight margins and often lack dedicated security budgets . This results in vulnerable perimeters around production lines , whether in chemical or widget manufacturing . Ransomware attackers typically target corporate environments , lacking expertise in Operational Technology ( OT ) systems . However , weak security between corporate and OT environments leads to what I call a spillover or collateral damage . Ransomware incidents disrupt production , causing
WWW . INTELLIGENTCISO . COM 41