While a majority of industrial companies claim they are well prepared to handle a cyber security incident, many have admitted experiencing at least one incident in the past 12 months, and the annual cost can be as high as half a million dollars, according to a new report from Kaspersky Lab.
The security firm has conducted a survey of 359 industrial cybersecurity practitioners across 21 countries, mainly from the manufacturing, construction and engineering, and oil and gas sectors.
A majority of the respondents (83%) said they were prepared to deal with cybersecurity incidents within their industrial control systems (ICS) environment, and 86 percent claimed they had a dedicated policy or program in place.
However, half of them have experienced between one and five security incidents in the past year, and one percent claimed they were hit as many as 25 times.
The main concern for many organizations are conventional malware infections, which also accounted for the highest percentage of actual incidents. Other areas of concern include threats from third-parties, sabotage or other damage caused from the outside, ransomware, and targeted attacks. Many are also concerned about the impact of employee errors or unintentional actions, and sabotage or intentional damage from the inside.
The companies surveyed by Kaspersky said they spent a lot of money dealing with cybersecurity incidents. The average financial loss was roughly $347,000 per year, but organizations with more than 500 employees claimed they had spent nearly $500,000. These costs include the bill for addressing the consequences of the incident, software upgrades, staff and training.
As for the ICS security measures taken by organizations, two-thirds of respondents said they rely on anti-malware solutions and security awareness training. Roughly half of companies also leverage intrusion detection and prevention systems, security audits, unidirectional gateways, vulnerability scanning and patch management, asset identification and management, and anomaly detection.
Kaspersky pointed out that the move towards more advanced security technologies in favor of the traditional air-gapping is a good sign.
The report shows that the main challenges of managing ICS cyber security are related to finding employees with the right skillset and finding reliable partners for implementing security solutions.
Kaspersky’s “The State of Industrial Cybersecurity 2017” report is available for download in PDF format.
Related Reading: Industrial Systems at Risk of WannaCry Ransomware Attacks
Related Reading: Exploring Risks of IT Network Breaches to Industrial Control Systems
Related Reading: Non-Targeted Malware Hits 3,000 Industrial Sites a Year