Intelligent, connected machines in manufacturing environments offer numerous benefits but also make production facilities vulnerable to cyberattacks. Given a globally increasing threat landscape with rising damages to the German economy, the right protective measures for OT systems are now crucial. However, a recent survey of German industrial companies reveals: OT security is not a priority!

The German economy is increasingly suffering from the impacts of cyberattacks on its systems and infrastructures. The industry association Bitkom reports damages of approximately 267 billion Euro for the past 12 months – a trend that has been sharply rising for years. You can find a comprehensive summary and evaluation of the Bitkom report here on Digital Chiefs.

How is the German economy, and particularly industrial companies in the country, responding to these threats? Because increasingly, not just IT but also OT infrastructures are in the crosshairs of cybercriminals.

Unfortunately, over half (54 percent) of the IT professionals surveyed in a further recent study rate the protection of the German economy against cyberattacks as inadequate. Around 25 percent are not even familiar with the relevant security standards for their industry.

No Priority for Protecting OT Systems

Given the advanced state of digitalization in manufacturing environments, this finding is disheartening. Many decision-makers lack awareness of the risks posed by the use of software in machines and infrastructure. Nevertheless, over half (51 percent) believe that cybercriminals have already identified their OT systems as vulnerabilities and are planning attacks on them.
And yet, other areas of the business take priority when it comes to building modern IT security architectures. Financial and payment systems (42 percent), corporate networks and data centers (39 percent), and customer data (36 percent) are the main focus. Less than one-tenth (9 percent) of respondents consider production facilities and OT control systems to be particularly in need of protection at present.

High fines are also a threat

At the European level, legislators have responded to this neglect by the economy by introducing the Cyber Resilience Act (CRA), which will obligate manufacturers and operators of devices and control systems in the industrial environment to enhance IT security starting in 2027. You can find the exact regulations and their impact on companies in this article on Digital Chiefs. However, only 23 percent of IT decision-makers consider the CRA relevant for operational technology (OT) systems.

Companies are thus faced with a double threat: on the one hand, hackers are increasingly targeting OT systems and have an easy time due to weak or non-existent protective measures. On the other hand, non-compliance with the CRA can result in penalties of up to 15 million Euros. Many industrial companies, however, hesitate to better protect their OT systems. They fear complicated implementation procedures with IT service providers unfamiliar with OT environments, which could lead to costly downtimes.

IT-OT Convergence for Optimal OT Security

What you need are the right partners who understand the unique requirements of OT infrastructures and bring extensive experience and expertise in cybersecurity. Axians and Actemium offer exactly this expertise and provide tailored IT security solutions as OT Security-as-a-Service.

Industrial companies benefit from in-depth expertise without having to build internal resources, resulting in significant cost savings. Additionally, they can adapt security measures flexibly to individual requirements and company growth. Continuous monitoring of systems ensures that cybersecurity experts, with the help of specialized solutions, immediately detect and mitigate threats. This allows industrial companies to focus on their core tasks while the security of their OT infrastructures is guaranteed.

Would you like to learn more about how Axians and Actemium together protect your OT systems from increasing cyber threats and prepare you for growing regulatory requirements such as the CRA or NIS2? On our information page, you will find more details and can also download the free ePaper on the topic.

Source of title image: Adobe Stock/Thares2020