One-in-four CPS-enabled environments lost over US$1 million from cyberattacks in last year

Operational downtime, financial loss and long recovery times were major impacts on businesses following cyberattacks, a new study from Claroty finds

Claroty, a cyber-physical systems (CPS) protection company, has released new research which illuminates the significant business impacts of cyberattacks affecting CPS environments.

The report, The Global State of CPS Security 2024: Business Impact of Disruptions, is based on a global independent survey of 1,100 infosecurity, OT engineering, clinical & biomedical engineering and facilities management & plant operations professionals about the business impacts of cyberattacks on their organisations in the past 12 months.  

The findings revealed over a quarter (27%) of organisations reported a financial impact of US$1 million or more from cyberattacks affecting CPS. Several factors contributed to these losses, the most common being lost revenue (selected by 39% of respondents), recovery costs (35%) and employee overtime (33%).  

Ransomware continues to play a big role in recovery costs, as over half of respondents (53%) met ransom demands of more than US$500,000 to recover access to encrypted systems and files to resume operations.

This problem is particularly severe in the healthcare sector – 78% reported ransom payments over US$500,000 – as ransomware and extortion-based attacks on hospitals and clinical environments continue to run seemingly unabated.  

Closely tied to the financial losses are the operational impacts, with one-third (33%) reporting a full day or more of operational downtime that impacted their ability to produce goods or services. About half (49%) said the recovery process took a week or more and nearly a third (29%) said recovery took over a month. This is particularly notable given that CPS environments such as manufacturing plants place a premium on the availability and uptime of critical systems – even at the expense of timely security and feature updates. 

When considering the root cause of these cyberattacks, third-party and remote access exposures persist across organisations. Over four-fifths (82%) of respondents said at least one cyberattack – and nearly half (45%) said five or more attacks – in the past 12 months originated from third-party supplier access to the CPS environment.

And yet, almost two-thirds (63%) admit to having only partial or no understanding of third-party connectivity to the CPS environment. 

While the findings show the last 12 months were disruptive and costly for most CPS-enabled organisations, respondents also conveyed growing confidence and improvements in their risk reduction efforts.

A majority (56%) have greater confidence in the ability of their organisation’s CPS to withstand cyberattacks today versus 12 months ago, and 72% expect to see quantifiable improvements in their CPS security in the next 12 months.

“The impacts from cyberattacks on asset-intensive organisations can be detrimental to operations, and, in reality, often require the level of loss as we saw in our study to make the necessary cybersecurity investments,” said Grant Geyer, Chief Strategy Officer at Claroty.

“To evolve from this reactionary process to a proactive one that will decrease losses, we also found that organisations are shifting their thinking – they are starting to consider it core to delivering on an organisation’s mission.

“The insights from this report validate that not investing in the very unique challenge of protecting CPS can lead to a serious hit to the organisation’s bottom line and that, thankfully, organisations are beginning to see the payoff of making that investment,” added Geyer.

Intelligent CISO