TXOne Networks, a prominent player in Cyber-Physical Systems (CPS) security, has released its 2023 annual report highlighting a surge in cybersecurity challenges faced by global industries. Titled "The Crisis of Convergence: OT/ICS Cybersecurity 2023," the report is accessible for free download and outlines escalating issues such as the rise of Ransomware-as-a-Service (RaaS) attacks, exploitation of supply-chain vulnerabilities, and an increase in state-sponsored and politically motivated hacking incidents amidst geopolitical tensions.
In September 2023, TXOne Networks conducted a survey involving 405 key IT and OT security decision-makers across diverse sectors, including automotive, pharmaceuticals, biotechnology, chemical, general manufacturing, oil and gas, and transportation. The report synthesizes the survey findings with TXOne Networks' analysis of 545 cybersecurity incidents worldwide in 2023.
According to the report, the threat landscape in industrial manufacturing and critical infrastructure has significantly intensified, leading to destructive events, economic losses, and potential risks to human safety. The protection of critical Operational Technology (OT) assets takes precedence for organizations, with a notable focus on data security as a key area of investment within OT security budget allocations. To enhance resilience against evolving threats, organizations are exploring innovative approaches like Cyber-Physical Systems Detection and Response (CPSDR), integrating OT expertise across various domains.
Collaborating with Frost & Sullivan, the report delves into various crucial aspects of contemporary OT/ICS cybersecurity, including ransomware threats, OT system maintenance, integration concerns with Information Technology (IT), nation-state cyberattacks, dedicated teams for OT and Industrial Control System (ICS) security management, OT/ICS cybersecurity investment, new regulations and standards, and supply-chain integrity.
Terence Liu, CEO of TXOne Networks, emphasizes the need for organizations to move beyond regulatory compliance in their OT/ICS cybersecurity strategies. Liu highlights the necessity for new governance structures, enhanced team and technical capabilities, integration of advanced threat detection and response into cybersecurity frameworks, and risk management across the supply chain to safeguard revenue-generating operations effectively. The report concludes with a call for organizations to adapt to the constantly evolving threat landscape to ensure the availability, reliability, and security of their operations.