A majority or 74% of operators polled for a global report believe that in the next three years, attacks will be more frequent than in the last five, according to “Securing the Digital City: Cyber-Threats and Responses,” sponsored by NEC.
Based on a global survey of 200 operators of critical infrastructure, a major reason for increased risk is growth in the Internet of Things (IoT)—80% of respondents agreed that proliferation of the IoT and big data will make them more vulnerable to a serious cyber-attack.
Telecom and IT service providers are believed to be most at risk of attack because they enable all other critical infrastructure and hence an attack on them would have the widest impact. Banking is viewed as the second most likely target given the high value of the assets held by these institutions.
While outsourcing was once viewed with skepticism by security-minded technology buyers, it seems to have gained acceptance as part of cyber-security efforts: 35% of respondents say they are primarily using third-party relationships to manage their security, while 19.5% said they use a mix of internal and external solutions.
Despite an increase in outsourcing of IT security, and the increasing complexity of the IoT, survey respondents feel prepared to deal with rising threats – 87.5% say they have established clear chains of command for cyber-security issues.
“The increasing connectedness of critical infrastructure is improving the quality and reach of services, but it is also exposing operators to greater levels of risk from cyber-attacks,” says Chris Clague, the editor of the report.
“Mitigating that risk is more important for critical infrastructure than perhaps any other sector because their operations are responsible for the day-to-day functioning of society. It is encouraging that nearly nine in ten respondents believe their organisation has a clear command structure to deal with attacks, but they will also need to be continually fine tuning their portfolio of tools and resources.”
