[German]Cyberattacks on industrial plants or their control and regulation systems are an increasing threat. Trend Micro states that 90 percent of German companies in the power, oil and gas, and manufacturing sectors were affected by cyberattacks in the last twelve months. The average damage caused by these attacks was 2.9 million euros.
Advertising
What it costs, numbers please
This study from Trend Micro finally gives decision-makers some initial numbers on how much damage a successful cyberattack on a company's infrastructure costs. For its study, Trend Micro surveyed 900 industrial cybersecurity executives in Germany, the U.S., and Japan from the manufacturing, oil and gas, and electricity sectors, including 300 in Germany.
- For German companies whose OT (operational technology) and industrial control systems were affected by cyberattacks, the average financial loss amounts to about 2.9 million euros, according to the company.
- Compared with Japan (2.1 million euros) and the United States (2.6 million euros), the loss amount in Germany is thus the highest.
The oil and gas industry suffered the greatest loss. At 90 percent of German companies, the supply chain was affected in addition to core operations, so that they had to temporarily reduce deliveries or change their supply planning.
Industrial control, Source: Pexels, free use
Detection not sufficient
A look behind the scenes reveals that while 48 percent of German companies surveyed say they "always" or "usually" respond to an attack with improvements to their cybersecurity infrastructure, not all companies have sufficient resources or knowledge to protect against future threats. Nevertheless, not all companies still have sufficient resources or knowledge to protect themselves against future threats. As a result, 52 percent respond only "sometimes" or "hardly at all."
Three-quarters (75 percent) of German respondents said they had even been affected by cyberattacks on their industrial environments at least six times in the course of a year. In addition, Trend Micro's study (registration required) comes to the following conclusions:
Advertising
- 41 percent of German companies were already unable to fend off the initial attack.
- The two most important factors for improving cybersecurity levels are future investments in cloud systems (31 percent) and the implementation of 5G campus networks (27 percent).
- OT security is less mature than IT security in terms of risk-based threat defense.
The integration of cloud computing, edge computing and 5G into mixed IT and OT environments has fundamentally changed industrial systems and processes. Enterprises should stay ahead of this evolution and proactively implement security measures to protect their business assets, writes Trend Micro. Improving risk and threat visibility is an important first step in securing the private network and industrial cloud, he said.
"Industrial sites around the world are turning to digitization to drive sustainable growth. However, this has led to a flood of security threats that many companies are not armed against and that can cause great damage – both financially and reputationally," said Udo Schneider, IoT Security Evangelist Europe at Trend Micro. "To secure what are now highly interconnected IT and OT environments, enterprises need experienced partners who have the foresight and the right toolbox of solutions."
