Although industrial entities will increase the expense for their tech stack, the shortage of staff and vertical regulations are still a major topic in 2023.
In the lead up to economic slowdowns that may come in 2023, we foresee mature companies investing in advanced technology such as 5G connectivity. Similarly, we anticipate more original equipment manufacturers (OEM) gradually coming out with offerings and solutions that incorporate AI, in certain areas of their operations.
As manufacturers turn to IT to gain a competitive advantage, malicious actors will also capitalize on this emerging technology to ramp up their attacks. The increased integration of IT and OT brought about by these transformative technologies will become a double-edged sword for industrial companies, especially those that keep security strategies for their IT and OT infrastructures separate: while this convergence enables them to monitor their operations closely it will also expose organizations to unforeseen threats.
In 2023, we foresee an upward trend in IT-based cyberattacks inadvertently affecting OT systems that are connected to IT networks – and worse, revealing OT systems as an underutilized attack vector through which malicious actors can move laterally between OT and IT environments.
While companies are covering their bases on this front, the real challenge is finding talent to keep the technology airtight, and operational technology and industrial control systems (OT/ICS) will be among those hit hardest by the security skills gap in 2023. Cybersecurity challenges in this space often involve manpower shortages and human error, which we predict will leave the OT systems of industrial environments limping under understaffed security teams tasked with protecting networks of multiple factories.
Threat actors have been known to practice on systems similar to those of an industrial target to develop customized and OT/ICS-focused malware, so manufacturers that can’t find qualified personnel to helm the new technologies they’ve adopted may find themselves at the receiving end of OT/ICS disruptions. Based on our own research, such disruptions can cause financial losses of up to an average of US$2.8 million per incident.
OT systems are already tightly regulated among certain industries, and we see even more companies taking steps toward collaboration and self-regulation in the year ahead. Modern industrial facilities have been known to be proactive when it comes to protecting their own: Cybersecurity guidelines can be handed down from parent companies or set by upper management, but many smart factories adopt security measures mainly to comply with established industry-wide standards.
This prediction of OT cybersecurity is a part of the research paper conducted jointly between TXOne and Trend Micro. For the full report please refer to: https://www.trendmicro.com/vinfo/us/security/research-and-analysis/predictions/2023