Thirty percent of the region’s cybersecurity breaches in the Middle East’s oil and gas sector target operational technology, according to new research from Siemens and Ponemon Institute.
The study reveals that while firms have begun to invest in protecting their assets from cyber threats, more needs to be done to increase awareness and the deployment rate of technology if they are to secure their operating environments.
Launched in Dubai today, the study highlights that until recently, cyber attacks have generally targeted IT environments such as PCs and workstations. With the acceleration of digitalisation and the convergence of IT and operational technology (OT), the region is now seeing a rising amount of attacks aimed at the OT environment.
The report investigates the readiness of the Middle East’s oil and gas sector to identify and protect against cyber threats. It also assesses what measures need to be taken to close the gaps, surveying around 200 individuals in the Middle East who are responsible for overseeing cybersecurity risk within their organisations.
“The convergence of IT and OT has become a key opportunity for attackers to infiltrate an organisation’s critical infrastructure, disrupting physical devices or operational processes,” said Leo Simonovich, Vice President and Global Head, Industrial Cyber at Siemens Energy. “We know that attacks are becoming more frequent and increasingly sophisticated, and firms quickly need to assign dedicated ownership of OT cyber, gain visibility into their assets, demand purpose-built solutions and partner with experts who have real domain expertise.”
The report found some 60 percent of respondents believe the cyber risk to OT to be greater than IT, and in 75 percent of cases those questioned had experienced at least one security compromise resulting in confidential information loss or operational disruption in the OT environment in the last 12 months.
Another important take away from the study was that despite awareness of rising OT cyber risk, budgets for OT cyber services and solutions have not kept up with the threat. At present, oil and gas organisations in the Middle East dedicate only a third, on average, of their total cybersecurity budget to securing the OT environment. This suggests that organisations are not aligning their cyber investments with where they are most vulnerable and highlights the urgency to address OT cybersecurity.
To read the full report, click http://sie.ag/2plLzZQ