Claroty, the cyber-physical systems (CPS) protection
company, today released new research illuminating the significant business impacts of cyber
attacks affecting CPS environments. The report, “The Global State of CPS Security 2024:Claroty - The Global State of Cyber Security
Business Impact of Disruptions” is based on a global independent survey of 1,100 infosecurity,
OT engineering, clinical & biomedical engineering, and facilities management & plant operations
professionals about the business impacts of cyber attacks on their organisations in the past 12
months.
The findings revealed a significant financial impact, with 1 out of 5 (22%) organisations in the
Australia and New Zealand (ANZ) region reporting a financial impact of $1 million USD or more
from cyber attacks affecting CPS. Several factors contributed to these losses, the most common
being loss of customer or partner relationships (19%), lost revenue (15%), and regulatory fines
(12%).

Ransomware continues to play a big role in recovery costs, as three quarters of ANZ
respondents (75%) met ransom demands of more than $500,000 USD to recover access to
encrypted systems and files in order to resume operations. This problem is particularly severe in
the healthcare sector – globally, 78% of respondents reported ransom payments over $500,000
– as ransomware and extortion-based attacks on hospitals and clinical environments continue to
run seemingly unabated.

Closely tied to the financial losses are the operational impacts, with more than a quarter of ANZ
respondents (25%) reporting a full day or more of operational downtime that impacted their
ability to produce goods or services, while over a third (40%) said the recovery process took a
week or more, and 18% said recovery took over a month. This is particularly notable given that
CPS environments such as manufacturing plants place a premium on availability and uptime of
critical systems – even at the expense of timely security and feature updates.

When considering the root cause of these cyber attacks, organisations in ANZ felt they were
lacking certain security capabilities that could have decreased the negative impacts they
experienced; they cited a lack of exposure management (16%) and not having an OT-specific
SOC to respond to attacks (14%).

In the past 12 months, nearly all (93%) of ANZ organisations surveyed had one or more cyber
attacks originate from third-party supplier access to their CPS environment, while nearly half
(47%) reported five or more attacks occurred this way. And yet, a majority (58%) admit to
having only partial or no understanding of third-party connectivity to their CPS environment.

While the findings show the last 12 months were both disruptive and costly for most CPS-
enabled organisations, ANZ respondents also conveyed growing confidence and improvements
in their organisation’s risk reduction efforts. A majority (73%) have greater confidence in the
ability of their organisation’s CPS to withstand cyber attacks today versus 12 months ago, and
100% expect to see quantifiable improvements in their CPS security in the next 12 months,
while 36% are already seeing quantifiable improvements.

“Australian organisations across a range of different verticals are reporting similar risks to their
CPS networks, particularly regarding the remote locations of some of these networks which can
make them difficult to access,” said Leon Poggioli, ANZ Regional Director at Claroty. “This
growing risk to CPS has been reflected in legislation changes including the SOCI Act and
industry-specific standards such as AESCSF, which ensures organisations have an accurate
inventory of all CPS assets and an understanding of the key risks these assets face.
 The survey results also reveal how critical it is for Australian organisations to implement secure
access principles, not just for third-party contractors but also for their own internal users. This
provides an additional layer of auditability and monitoring on critical assets, which can have
important safety and production implications in the case of a cyberattack. The bottom line is – if
your organisation operates a CPS network, that network is most likely going to be your core
business, making it all the more imperative to prioritise the cybersecurity of that infrastructure.”

“The impacts from cyber attacks on asset-intensive organisations can be detrimental to
operations, and, in reality, often require the level of loss like we saw in our study to make the
necessary cybersecurity investments,” said Grant Geyer, Chief Strategy Officer at Claroty. “To
evolve from this reactionary process to a proactive one that will decrease losses, we also found
that organisations are shifting their thinking—they are starting to consider it core to delivering on
an organisation’s mission. The insights from this report validate that not investing in the very
unique challenge of protecting CPS can lead to a serious hit to the organisation’s bottom line
and that, thankfully, organisations are beginning to see the payoff of making that investment.”

To learn more, download the full report: The Global State of CPS Security 2024: Business The State of Global Cyber Security 2024
Impact of Disruption.

EVENT INVITE: At MongoDB.local Sydney, you'll learn technologies, tools, and best practices that make it easy to build data-driven applications without distraction. Connect with our experts and customers to find new ways to build with MongoDB, hear what’s coming out, and meet developers shaking up their industries. Join us for a day filled with educational breakout sessions, customer stories, keynote address, 1:1 Ask the Experts consulting sessions, and more!

COMPANY NEWS: The latest from Microsoft regarding the CrowdStrike outage that impacted some Windows devices.