CYFOR Blog

Employees are the biggest cyber security threat to businesses as a large number use their own networks, broadband connections and hardware.

Originally reported by Information-age.com, a recent survey found that as critical infrastructure organisations converge their IT, operational technology (OT), IoT and physical systems, companies believe that employees are the biggest cyber security threat.

The independent report, “Weathering the Perfect Storm: Securing the Cyber-Physical Systems of Critical Infrastructure,” queried over 400 c-level executives from critical infrastructure organisations across North America, Europe and Asia/Pacific and reported the following outcomes:

• 52% say employees are the biggest threat to operational security.
• A cyber incursion into IT data systems accounted for 53% of attacks in the last 12 months.
• 85% of security incursions made their way into Operational Technology networks – of those,
• 36% started in IT/data systems and 32% involved physical incursion into OT.
• More than half (64%) say it took a cyber or physical security breach to motivate them to move toward a more holistic approach to cyber security.
• Only a quarter believe their existing security is adequate.

The integration of IT, OT and physical systems are becoming mainstream

• 88% of critical infrastructure executives surveyed have either already integrated their systems or say the integration process is underway.
• 68% say that some of their OT and/or physical systems are isolated from IT, but that the integration process is ongoing.
• One in five respondents (20%) say that all their systems are fully integrated with externally accessible systems, and even fewer (11%) say that none are.

 As the threat landscape is changing, so are security postures

• Nearly 9 in 10 executives say their organisation has experienced a security incident in the previous 12 months and more than half have suffered two or more.
• 85% of security incidents involved OT – of those, 36% started in IT/data systems and 32% involved physical incursion into OT.
• Nearly half of respondents (47%) say cyber-criminals pose the biggest risk.
• But an even larger number (52%) believe former and current employees are the greatest threat.
• 70% of respondent organisations are taking steps to address the new vulnerabilities created by the integration of cyber/digital and OT/physical systems, though the specific nature of those steps varies.

 Challenges and obstacles to a holistic approach to cyber security

• Nearly half of the respondent organisations (49%) struggle with differences in risk tolerances between IT and OT in an environment that has traditionally associated those two areas with very different goals.
• Differences between IT and OT operating environments (43%) and cyber/IT skills requirements (40%) are the top two technical obstacles.
• 30% face employee resistance to cultural change.

 Motivating change

32% say clear directives regarding risk tolerance or performance either from IT/OT executives or from the CEO or Board is driving change. Martin Rudd, CTO of Telesoft Technologies, gives some examples of how home remote working employees can be vulnerable to cyber security breaches.

“The rapid, wider move to homeworking is having two major impacts. One is that the volume of internet traffic has just surged – Vodafone reported a 50% increase in usage of their network. Secondly, within this volume of business traffic, we have seen a huge jump in cyber-attacks taking advantage of the opportunities inherent in businesses changing rapidly. There are more, and less-secure endpoints to attack, opportunities to hide threats in the increased network traffic and cybercriminals are exploiting people’s emotional vulnerabilities through targeted phishing campaigns.”