Many Critical Infrastructure Organizations Will Experience a Security Breach by 2025

Many Critical Infrastructure Organizations Will Experience a Security Breach by 2025

Foto: Depositphotos

By 2025, 30% of critical infrastructure organizations will experience a security breach that will result in the halting of operations- or mission-critical cyber-physical systems, according to Gartner.

Critical infrastructure security has become a primary concern for governments around the world, with the US, UK EU, Canada, and Australia each identifying sectors deemed ‘critical infrastructure’, for example, communications, transport, energy, water, healthcare, and public facilities. In some countries, critical infrastructure is state-owned, while in others, like the US, private industry owns and operates a much larger portion of it. “Governments in many countries are now realizing their national critical infrastructure has been an undeclared battlefield for decades,” said Ruggero Contu, research director at Gartner. “They are now making moves to mandate more security controls for the systems that underpin these assets.

A Gartner survey showed that 38% of respondents expected to increase spending on operational technology (OT) security by between 5% and 10% in 2021, with another 8% of respondents predicting an increase of above 10%. However, this may not be enough to counter underinvestment in this area over many years, according to Gartner. “Besides the need to catch up, there is a growing number of increasingly sophisticated threats,” Contu said. “Owners and operators of critical infrastructure are also struggling to prepare for the coming increased oversight.”

Over time, the technologies that underpin critical infrastructure have become more digitized and connected, thus creating cyber-physical systems security risks. The result has been a substantial increase in the attack surface for hackers and bad actors of all kinds. In critical infrastructure sectors, organizations need to be more concerned about real-world hazards to humans and the environment, rather than information theft. Gartner predicts that by 2025, attackers will have weaponized a critical infrastructure cyber-physical system to successfully harm or kill humans.

Gartner recommends that security and risk management (SRM) leaders in critical infrastructure sectors develop a holistic approach to security, so that IT, OT, and Internet of Things (IoT) security are managed in a coordinated effort. “SRM leaders should accelerate efforts to discover, map and assess the security posture of all cyber-physical systems in their environment,” said Contu. “Invest in threat intelligence and join industry groups to stay apprised of security best practices, upcoming mandates, and requests for inputs from government entities.”

More from category

Multi-Factor Authentication to Generate $27 Billion for Mobile Operators

Multi-Factor Authentication to Generate $27 Billion for Mobile Operators

22 May 2022 comment

Operators will generate $27 billion from the termination of SMS messages related to multi-factor authentication in 2022; an increase from $25 billion in 2021, according to a new study by Juniper Research.

Open RAN and vRAN Revenues Surge in 1Q22

Open RAN and vRAN Revenues Surge in 1Q22

21 May 2022 comment

Preliminary findings suggest total Open RAN revenues, including O-RAN and OpenRAN radio and baseband, surged in the first quarter of 2022, according to Dell’Oro Group.

IBM Research Shows Steady AI Adoption

IBM Research Shows Steady AI Adoption

20 May 2022 comment

New market research commissioned by IBM revealed that global AI adoption grew steadily over the last year, to 35 percent of those surveyed in 2022.