SecurityWorldMarket

28/07/2021

Cyber threat to shift from data theft to human safety

Stamford, Ct

By 2025, cyber attackers will have weaponised operational technology (OT) environments to successfully harm or kill humans, according to Gartner, Inc.

Attacks on OT – hardware and software that monitors or controls equipment, assets and processes – have become more common. They have also evolved from immediate process disruption such as shutting down a plant, to compromising the integrity of industrial environments with intent to create physical harm. Other recent events like the Colonial Pipeline ransomware attack have highlighted the need to have properly segmented networks for IT and OT.

“In operational environments, security and risk management leaders should be more concerned about real world hazards to humans and the environment, rather than information theft,” said Wam Voster, senior research director at Gartner. “Inquiries with Gartner clients reveal that organisations in asset-intensive industries like manufacturing, resources and utilities struggle to define appropriate control frameworks.”

According to Gartner, security incidents in OT and other cyber-physical systems (CPS) have three main motivations: actual harm, commercial vandalism (reduced output) and reputational vandalism (making a manufacturer untrusted or unreliable).

Gartner predicts that the financial impact of CPS attacks resulting in fatal casualties will reach over $50 billion by 2023. Even without taking the value of human life into account, the costs for organizations in terms of compensation, litigation, insurance, regulatory fines and reputation loss will be significant. Gartner also predicts that most CEOs will be personally liable for such incidents.

Gartner recommends that organisations adopt a framework of security controls to improve security posture across their facilities and prevent incidents in the digital world from having an adverse effect in the physical world.


Tags


Product Suppliers
Back to top