In the last year, the main trend among critical national infrastructure (CNI) operators has been the digitisation and transformation of their organisations. With the goal of accelerating digital transformation efforts and scaling their operational agility, they have increased connectivity between previously air-gapped infrastructure and accommodated new working models.
“While these developments have afforded CNI operators several technological and operational improvements, many operators are still constrained by a number of cyber security challenges,” says Martin Riley, Director of Managed Security Services at Bridewell. “The challenge facing these organisations is the need to deliver against business objectives, whilst managing risk and maintaining uptime in environments that are design not to be taken offline. As a result, in 2022, CNI operators are seeking better ways to improve service while minimising cost and risk.”
To better understand how CNI operators are approaching this challenge, and what cyber security threats they are most concerned about, in March 2022 Bridewell commissioned research among 521 cyber security decision makers. With respondents across utilities, transport and aviation, finance, government and communications, the research examined the relative confidence and risk levels faced by these different sectors.
Here are some of the report’s top findings.
Organisations Need to Prioritise Meeting NIS Regulations
76% of CNI organisations agree that the NIS regulations and cyber security oversight process has improved their cyber security posture. This is an encouraging figure that indicates a good level of preparedness among CNI operators for the evolving threat landscape in 2022. Given these benefits, continuing to develop their cyber security posture to better align with existing and proposed updates to NIS regulations should be a priority.
However, with 56% believing that the proposed updates to NIS regulations are unfeasible and 55% still trying to meet the original requirements, there is a shortage of cyber skills and resource among some organisations. To close this gap and drive further improvements in their cyber security posture, organisations should seek a cyber security partner with the right expertise to help them meet NIS requirements
Ransomware Remains a Leading Threat
In 2022, ransomware entered a new phase of complexity and sophistication with several new methods appearing that pose a greater challenge for cyber security teams. Once a relatively opportunistic means of quickly capitalising on human error to extort money from individuals and organisations, ransomware is now being driven by skilled human actors who infiltrate organisations for extended periods before launching potentially devastating attacks on data and systems. This is also known as Human Operated Ransomware, download the whitepaper here.
Despite this, most respondents are confident they know how to stay protected. 8 in 10 say they fully understand how to protect their organisation against human operated ransomware. Yet, nearly half admit to not having key measures in place to facilitate sufficient protection, detection and response to ransomware threats. This suggests that while CNI operators have had some success in defending themselves against ransomware, there is still room for improvement - (UK Critical Infrastructure Leaders Take a Chance on Ransomware).
Staff Wellbeing Must Be Considered
Aside from the changing threat landscape for CNI operators, the research also found that the impact of cyber threats has changed for organisations. Beyond the financial and reputational costs of a successful cyber attack – which are particularly damaging for CNI operators – there is a significant impact upon staff wellbeing.
An overwhelming 87% report they have feared losing their job due to a cyber attack, with the communications, transport and aviation and utilities sectors being the most affected. Given that 68% of CNI operators say it has become harder to recruit the right resources to secure and monitor systems over the past year, finding ways to identify these threats should be a priority. This is where a Managed Detection and Response (MDR) provider can be invaluable, providing organisations with 24/7 visibility of their cyber estate and reducing the burden on in-house staff.
Responding to the Threat Landscape
As specialists in cyber security for complex and highly regulated industries, Bridewell understands the challenges faced by CNI operators. Our consultants work closely with the NCSC around OT and also lead relevant communities of interest on behalf of the NCSC. Our Security Operations Centre (SOC) understands the sensitivity of Operational Technology, the complexities of IT and OT convergence and is trusted to protect some of the UK’s most critical national infrastructure.
Having witnessed first-hand the breadth and sophistication of threats targeting the industry, we are uniquely positioned to help CNI operators resolve their cyber security challenges. Our SOC is already providing trusted cloud services to move OT data centres to the cloud, and we are helping businesses align with NIS and ISA62443 through our transformational consultancy.
Download the ‘Cyber Security in Critical National Infrastructure’ report for more information on:
- The current cyber security landscape
- Confidence in cyber security
- The ransomware risk
- The impact of cyber attacks
Author
Martin Riley
Director of Managed Security Services