Many industrial security professionals lack visibility into their organizations’ assets and processes. This includes Industrial Internet of Things (IIoT) devices as well as industrial organizations’ supply chains. Back in March 2021, Tripwire announced the results of a survey in which 99% of security professionals said that they had experienced challenges securing their organizations’ IoT and IIoT devices. Two-thirds of respondents said that they had struggled to discover and remediate vulnerabilities, while 60% had run into issues when managing their IoT device inventory. A majority (87%) of survey participants went on to state that they were worried about the supply chain risks introduced by IoT and IIoT devices.

This concern isn’t unfounded. Back in 2020, the number of attacks nearly doubled for industrial companies, reported BetaNews, while the volume of malware-related attacks grew 54% compared to 2019. It was several months later when BetaNews shared the results of another report in which researchers noted that industrial organizations constituted the second most-targeted sector in 2020. The research noted how an external attacker could penetrate the corporate network of 91% of industrial organizations, and it disclosed that penetration testers had successfully accessed the industrial control system (ICS) networks at 75% of those entities.

Things didn’t improve much in 2021. According to SecurityWeek, 80% of IT and OT security professionals in the United States, Europe, and APAC admitted that their organization had suffered a ransomware attack during that period. Half said that the incident had affected their ICS/OT environment, with nearly half clarifying that the impact had been significant.

Why Are Industrial Organizations Struggling with Visibility?

In April 2021, SecurityWeek wrote that security teams tend to lack visibility into their OT networks for several reasons. Provided below are a couple of them.

• Lack of standardization: Homogenous OT networks aren’t the (Read more...)