Firms 'Overestimate' Remote Access Security
A new global report finds that industrial organizations are overconfident in their remote access security. The report highlights significant visibility gaps and rising risks from third-party vendors accessing sensitive operational technology (OT) networks.
The reliance on third-party vendors for remote access is a primary driver for connectivity in industrial environments, with 72% of organizations citing it as a key reason. However, this necessity introduces significant risk, as 60% of all data breaches involve third-party access. Despite high levels of concern about these risks, there is a significant gap in confidence regarding existing security solutions. This is compounded by a lack of visibility, with 55% of organizations citing it as a top deficiency in their remote access security. The attack surface for industrial control systems (ICS) is expanding, with over 145,000 exposed systems identified globally. In 2024, observations of internet-exposed OT devices surged by 138% compared to the previous year, indicating a growing trend of industrial networks being connected to the internet. Common vulnerabilities include the use of legacy VPNs, weak or default credentials, and inadequate network segmentation, which can allow attackers to move laterally between IT and OT systems. In fact, over half of ransomware incidents in 2024 were traced back to compromised remote access services like VPNs and Remote Desktop Protocol (RDP). Many industrial systems utilize protocols that lack modern security features like encryption and authentication, as they were designed when security was not a primary concern. This vulnerability is exacerbated by the fact that many OT systems cannot be regularly patched or taken offline for updates, leaving them exposed to known exploits. To mitigate these risks, experts recommend adopting a zero-trust security model, which operates on the principle of "never trust, always verify" for all users and devices. This approach, combined with network segmentation and multi-factor authentication, can significantly reduce the risk of unauthorized access. There is a clear need for better collaboration between IT and OT security teams, as 41% of firms report these teams work independently. A unified approach is crucial for developing and implementing effective security policies that protect critical infrastructure from evolving cyber threats.
