A recent survey commissioned by Palo Alto Networks reveals concerning trends among industrial organizations facing cyberattacks, particularly impacting their Operational Technology (OT) operations. Conducted across 16 countries, the survey targeted nearly 2,000 respondents and found that three-quarters had detected malicious cyber activity in their OT environment. Alarmingly, 24% reported having to shut down OT operations in the past year due to successful cyberattacks, resulting in significant disruptions and preemptive measures.
Shutdowns of OT operations entail various costs and consequences for industrial organizations, including lost revenue opportunities, expenses for damage control and event remediation, and potential reputational damage. The survey underscores the broad range of impacts, which can include additional security investments, communications with stakeholders, legal proceedings, and public relations efforts. Long-term implications may also include regulatory penalties, higher insurance premiums, and disruptions to supplier and customer relationships.
Despite the prevalence of cyberattacks, the survey indicates that organizations are increasingly recognizing the importance of protecting their OT environments. Over 60% of respondents deem initiatives to safeguard OT environments as important or very important, with more than half planning to boost their OT cybersecurity budgets within the next two years. However, challenges persist in the decision-making process, with varying degrees of collaboration between IT and OT departments and notable friction observed in some organizations’ cybersecurity efforts.
Regarding the role of artificial intelligence (AI) in cybersecurity, respondents express a mix of concerns and expectations. While three-quarters view AI-enabled attacks on OT infrastructure as a critical issue, a similar proportion believes that AI-driven security solutions will be essential for detecting and mitigating such threats. Nevertheless, apprehensions remain about the potential for AI to empower malicious actors, with roughly half of respondents anticipating that AI may favor hackers over security teams and reduce the need for cybersecurity professionals within their organizations.
