Research Reveals a Cyber Disconnect Between OT and IT Teams


Research by Palo Alto Networks has found that the disconnect between operational technology (OT) and IT teams is a security concern for Australian businesses. The same research reveals that Australian industrial organisations are the fourth most targeted globally, with 82% experiencing a cyberattack in the past year.

Palo Alto Networks surveyed 1,979 OT and IT business leaders in 23 countries globally, including 103 leaders in Australia, to understand the trends, risks, and cyber resilience strategies within OT environments. The research offer insights into the challenges faced by organisations worldwide. The company released the findings this week in a report titled State of OT Security: A Comprehensive Guide to Trends, Risks, and Cyber Resilience.

Key findings from the report reveal a concerning landscape in OT security, including:

  • Australian industrial operators are the fourth most targeted globally: Once believed to be immune from cyberattacks given their air-gapped systems, legacy assets, proprietary technologies, and fragmented end markets, this is no longer the case. 82% of Australian respondents stated that their organisations had experienced a cyberattack in the past year, the fourth largest target globally. Equally alarming is the frequency of these attacks, with 70% of respondents experiencing attacks often monthly or weekly.
  • Cyberattacks can shut down Australian OT operations: The impact of these attacks has been significant, with 28.6% of Australian organisations having to shut down industrial operations in the last year due to a successful attack, whether as a preemptive measure or due to actual disruption. This dangerous state of affairs is driving industrial operators to increasingly focus on security for their OT environments, with 61.2% of Australian OT and IT leaders considering it a high priority and 52% expecting increased spending on OT cybersecurity in the next two years. Despite this awareness, Australia sits in the bottom half globally in OT security prioritisation, behind Germany, Japan and Italy.
  • Friction between OT and IT is a challenge: Despite the urgency, there remains a disconnect between OT and IT teams, hindering coordinated responses to threats, especially regarding security investment. When asked to describe the relationship between OT and IT, 40% of respondents stated that it was frictional, with only 14% answering that their teams are aligned. Furthermore, only 42% of respondents reported shared responsibility for OT cybersecurity purchase decisions between the two teams. This disparity is due to the historical roles of both teams, with IT traditionally being in charge of company-wide security while OT has historically focused on industrial operations.
  • AI is a double-edged sword: AI has already caught the attention of industrial operators, but the judgement on its value is split between fear of AI-enabled attacks and demand for AI-enabled protection. The survey found that 75% of Australian respondents identified AI attacks against OT as a critical issue today, but eight out of ten also agreed that AI will be key to stopping OT attacks.
  • The move to cloud will reinforce OT security: AI is not the only new technology making its way into OT environments, with operators also getting ready to implement cloud solutions, among others. The report found that 80% of Australian respondents believed the move to cloud will reinforce OT security. However, 54% of them also stated it would create increased cybersecurity challenges in the next two years.
  • Zero-trust is the North Star: The report also underscores the criticality of embracing a zero-trust approach to OT security, with 84% of industrial respondents endorsing it as the right strategy. However, deployment rates remain relatively low, with just under a third of respondents fully implementing zero-trust solutions for their OT/IT environments.

Palo Alto Networks says in light of these findings, organisations should prioritise OT security and embrace zero-trust principles to safeguard their operations effectively.

You can read the full report here.