Malaysian OT Businesses Faced A Surge in Cyber Attacks
Palo Alto Networks, the global cybersecurity leader, has published its State of OT Security: A Comprehensive Guide to Trends, Risks, and Cyber Resilience report. The report surveyed 1,979 operational technology (OT) and IT business leaders across 23 countries globally, including 51 leaders in Malaysia, to understand the trends, risks, and cyber resilience strategies within OT environments, offering insights into the challenges faced by organisations across the globe.
Industrial operations across Malaysia are increasingly under regular and widespread cyberattacks, forcing operational shutdowns which result in lost revenue and significant remediation costs. At the same time, operators face increased compliance requirements as well as new risks posed by their adoption of new technologies and processes, including AI, remote access, cloud, 5G, and robotics. As a result, industrial operators are increasingly conscious of the need to adapt cybersecurity to the new demands of the day.
Concerns on Malaysia’s OT Businesses
Key findings for Malaysia from the report reveal a concerning landscape in OT security:
- Industrial operations are at high risk of cyberattacks – Industrial operations were once believed to be immune to cyberattacks given their air-gapped systems, legacy assets, proprietary technologies, and fragmented end markets. This is no longer the case. 78.4% of Malaysian respondents stated that their organisations had experienced at least one cyberattack in the past year. Equally alarming is the frequency of these attacks, with over 55% of respondents experiencing attacks often monthly or weekly.
- Cyberattacks can shut down Malaysian OT operations – The impact of these attacks has been significant, with a quarter (25%) of Malaysian organisations having to shut down industrial operations in the last year due to a successful attack. This dangerous state of affairs is driving industrial operators to increasingly focus on security for their OT environments – 52.9% of Malaysian respondents consider it a high priority, and four out of 10 (41.2%) expect to increase spending on OT cybersecurity in the next two years.
- Friction between OT and IT is a challenge – Despite the urgency, there remains a disconnect between OT and IT teams, hindering coordinated responses to threats. When asked to describe the relationship between OT and IT, more than half (68.6%) stated that it was either siloed or frictional, with only 13.7% answering that their teams are aligned. Furthermore, only 36.3% of respondents reported shared responsibility for OT cybersecurity purchase decisions between the two teams. This disparity is due to the historical roles of both teams, with IT traditionally being in charge of company-wide security, while OT has historically focused on industrial operations.
- AI is a double-edged sword – AI has already caught the attention of industrial operators, but the judgement on its value is split between fear of AI-enabled attacks and demand for AI-enabled protection. The survey found that 80.4% of respondents in Malaysia identified AI attacks against OT as a critical issue today, but 74.5% also agreed that AI will be key to stopping OT attacks.
- The move to the cloud will reinforce OT security – AI is not the only new technology making its way into OT environments, with operators also getting ready to implement cloud solutions, among others. The report found that 79% of organisations in Malaysia believed the move to the cloud would reinforce OT security. However, almost half (49%) of them also stated it would create increased cybersecurity challenges in the next two years.
- Zero Trust is the North Star – The report also underscores the criticality of embracing a Zero Trust approach to OT security, with 76% of industrial respondents endorsing it as the right strategy. However, deployment rates remain relatively low, with just over 28% having fully implemented Zero Trust solutions for their OT/IT environments.
Sarene Lee, Country Manager, Malaysia at Palo Alto Networks, said, “Cyberattacks are causing an increasing number of production shutdowns in Malaysian industries. To address these risks, they must use two key measures. To reduce developing risks, strengthen the security relationship between OT (Operational Technology) and IT (Information Technology). Second, secure your cloud infrastructure and create a Zero Trust policy to ensure strong access security. By implementing these safeguards, our industrial sector can better protect its assets and ensure operational continuity in the face of emerging cyber threats.”
In this digital age, where connectivity is omnipresent, traditional security measures alone are insufficient to combat sophisticated cyber threats. An AI-led approach stands at the forefront of defence, offering unparalleled capabilities to analyse massive data volumes at speed, as well as identify patterns indicating imminent threats, even before an attack occurs. Furthermore, a close collaboration between the IT and OT teams is essential, to ensure a consolidated approach to cybersecurity.
For more information, please visit this website.