Intelligent CISO Issue 46 | Page 27

editor ’ s question

HOW MUCH OF A CONCERN IS PROTECTING CRITICAL

INFRASTRUCTURE AND HOW SHOULD ORGANISATIONS GO ABOUT DOING

THIS PRAGMATICALLY ?

? y 2025 , 30 % of critical infrastructure

B organisations will experience a security breach that will result in the halting of an operations system or mission-critical cyber-physical system , according to Gartner . Critical infrastructure security has become a primary concern for governments around the world , with the US , UK , EU , Canada and Australia each identifying sectors deemed ‘ critical infrastructure ’, for example , communications , transport , energy , water , healthcare and public facilities .

In some countries , critical infrastructure is state-owned , while in others , like the US , private industry owns and operates a much larger portion of it .
“ Governments in many countries are now realising their national critical infrastructure has been an undeclared battlefield for decades ,” said Ruggero Contu , Research Director at Gartner .
“ They are now making moves to mandate more security controls for the systems that underpin these assets .”
A Gartner survey showed that 38 % of respondents expected to increase spending on Operational Technology ( OT ) security by between 5 % and 10 % in 2021 , with another 8 % of respondents predicting an increase of above 10 %.
However , this may not be enough to counter underinvestment in this area over many years , according to Gartner .
“ Besides the need to catch up , there is a growing number of increasingly sophisticated threats ,” said Contu . “ Owners and operators of critical infrastructure are also struggling to prepare for the coming increased oversight .” www . intelligentciso . com
27