Page 82 - Cyber Defense eMagazine April 2023
P. 82

Cyber threats to critical infrastructure are increasing and challenging public safety, society and
            economic stability.

            While no industry is spared cybersecurity threats, some are more susceptible than others to risks with
            far-reaching consequences. Critical infrastructure organizations, including those in energy, healthcare
            and manufacturing, have become a key target for malicious actors, with more than 60% of attacks in
            2021 targeting operational technology. Gartner, the technological research and consulting firm, even
            predicts  that  cybercriminals  are  likely  to  weaponize  operational  technology  and  cause  “harm  or  kill
            humans” by 2025.

            The energy sector, which is crucial for the running and development of every other industry, has suffered
            a number of cyber incidents in recent years which have not only disrupted operations and the supply
            chain but also contributed, at times, to panicked consumer behaviour and higher energy prices. Such
            effects were, for instance, felt in May 2020 when a ransomware shut down the Colonial Pipeline, a major
            gasoline and jet fuel pipeline spanning 5,500 miles.

            The healthcare sector has also suffered. A report by Check Point says that cyberattacks rose by 86% in
            2022 compared to 2021. On average, the industry experienced roughly 1,410 security breaches every
            week. Such attacks often result in disruption of access to critical health data, such as prescriptions,
            laboratory results, as well as patient admission and discharge functions.

            While such attacks expose patients to both cyber and physical risks, they also bear a significant cost for
            healthcare  institutions.  For  the  past  12 consecutive  years,  the  health  industry,  more  than  any  other
            industry, endured the highest data breach costs reaching a record $10.1 million in 2022.

            With the proliferation and rapid adoption of innovation and digitalization resulting in connected factories
            and products, the manufacturing industry became the most targeted sector in 2021, with 65% of the
            incidents leading to disruption of operations and supplies and tampering the quality of end products. At
            a time when supply chains are under stress, a cyber event could be hugely damaging for the global
            economic outlook.



            Managing cyber risks is not easy task, especially when industries are facing three main challenges:

               •  Divergent culture and priorities: Historically, a culture gap prevailed between the approach
                   taken towards enterprise and industrial operational technologies, particularly regarding security.
                   With both environments converging, an integrated approach on security is required.
               •  Diversity of technologies: Organizations rely on modern, proprietary and legacy technologies,
                   some  of  which  were  built  to  last  a  lifetime  but  without  necessarily  cybersecurity  in  mind.  In
                   addition, innovation and adoption of emerging technologies expand the complexity of managing
                   cyber threats.
               •  Multifaced and complex ecosystem: The hyperconnectivity and complex supply chain networks
                   and dependencies, where trust is extended to third-party providers with different cybersecurity
                   practices and levels of maturity, is a further challenge to security.

            Moreover, these three challenges coexist with external factors that shape the cybersecurity space.




                                                                                                              82
   77   78   79   80   81   82   83   84   85   86   87