Key Trends on Cyber Security for Critical National Infrastructure: Frost & Sullivan

It was only the last year, Ransomware viruses hit two cities in Florida that made large ransom payments to gain back access to city files that were encrypted in the attacks. These breaches incurred insured property losses of over $600,000 in Riviera Beach City and $500,000 in Lake City, leading to huge disruptions to normal life. The main challenge before Critical National Infrastructure (CNI) operators is the reliance of CNI on legacy IT systems and operational technology (OT) systems. These legacy systems were not designed with cybersecurity in mind. However, they are now increasingly networked and connected to the internet to enable more efficient control and real-time monitoring. This, in turn, has the effect of creating new vulnerabilities, which potentially exposes the systems to cyber-attacks.

According to Frost & Sullivan’s research, Global Use-Cases for Cybersecurity Solutions in Critical National Infrastructure, the CNI cybersecurity market is projected to grow to $119.23 billion by 2024. This growth is thanks to the growing and evolving threat to CNI, and the creation of an increasingly competitive environment for cyber suppliers as cyber-specific firms have been joined by new market entrants from the defense and commercial IT sectors.

The Frost & Sullivan security team has been tracking cybersecurity incidents on CNI around the world over the past years. By following these incidents, the team has gathered insights on recent cybersecurity trends, historical attacks, and what are the growth opportunities for the security industry.

Trends that will shape the 2020 Cybersecurity in CNI landscape:

In all likelihood, data breaches will continue for as long as personal and organizational data remains a valuable black market commodity. Sensitive data of CNI’s in the wrong hands can prove disastrous leading to huge losses and disruptions to normal life.

There are many critical infrastructure technologies that are based on legacy IT and OT systems. They are poorly secured, posing serious risks to utilities, and ultimately national security. Stopping the exploitation of these loopholes by cyber attackers and plugging these loopholes will play a crucial role in the cybersecurity of CNI.

In the future, as the reliance on virtual infrastructure in CNI becomes acceptable; the physical redundancies may be abandoned, which would make it easier for an attacker to carry out a devastating breach that can cause real damage. Maintaining physical backups or other physical redundancies can reduce the impact of a successful attack.

Last year, an increasing number of institutions overseeing the critical parts of daily life – suffered IT system shutdowns as a result of ransomware attacks.

The importance of cybersecurity is on the rise. The society we live in is more technologically reliant than ever before and there is no sign of this trend buckling down. Having a robust cybersecurity plan for CNI and safeguarding can have a significant economic benefit by reducing the impact of a potential cyberattack and increasing the effort for threat actors to attack the facility.