全球針對(duì)制造商的網(wǎng)絡(luò)攻擊增加,但不到一半企業(yè)在安全方面做好了準(zhǔn)備
http://www.debgrams.com 2025-02-26 16:04 《中華工控網(wǎng)》翻譯
Cyber Attacks on Manufacturers Up Globally, But Less Than Half Prepared in Security
全球針對(duì)制造商的網(wǎng)絡(luò)攻擊增加,但不到一半企業(yè)在安全方面做好了準(zhǔn)備
A global study by Omdia has found that 80% of manufacturing firms experienced a significant increase in overall security incidents or breaches last year, but only 45% are adequately prepared in their cyber security.
Omdia的一項(xiàng)全球研究發(fā)現(xiàn),去年80%的制造企業(yè)的整體安全事件或違規(guī)行為顯著增加,但只有45%的企業(yè)在網(wǎng)絡(luò)安全方面做好了充分準(zhǔn)備。
Omdia surveyed over 500 technology executives worldwide on the convergence of Information Technology (IT) and Operational Technology (OT)–or physical systems–in their core operations, and how they managed cyber security challenges. The report for the study was produced in partnership with Telstra International, the global arm of leading telecommunications and technology company Telstra.
Omdia調(diào)查了全球500多名技術(shù)高管,了解信息技術(shù)(IT)和運(yùn)營(yíng)技術(shù)(OT)或物理系統(tǒng)在其核心運(yùn)營(yíng)中的融合,以及他們?nèi)绾螒?yīng)對(duì)網(wǎng)絡(luò)安全挑戰(zhàn)。該研究報(bào)告與Telstra International合作編寫(xiě),Telstra International是領(lǐng)先的電信和技術(shù)公司Telstra的全球部門(mén)。
The heightened risk of cyber attacks comes as manufacturers move to leverage IT such as cloud, AI, and Internet of Things (IoT) as part of their digital transformation–a process defined as Industry 4.0. While the convergence of IT with traditional OT can increase scale, resilience and efficiency in operations, it also increases the attack surface for cyber threats. Critical industries are increasingly lucrative targets for cyber exploitation including ransomware.
隨著制造商開(kāi)始利用云、AI和物聯(lián)網(wǎng)(IoT)等IT作為其數(shù)字化轉(zhuǎn)型的一部分,這一過(guò)程被定義為工業(yè)4.0,網(wǎng)絡(luò)攻擊的風(fēng)險(xiǎn)也隨之增加。雖然IT與傳統(tǒng)OT的融合可以提高運(yùn)營(yíng)規(guī)模、彈性和效率,但它也增加了網(wǎng)絡(luò)威脅的攻擊面。關(guān)鍵行業(yè)越來(lái)越成為網(wǎng)絡(luò)利用(包括勒索軟件)有利可圖的目標(biāo)。
Manufacturers affected by a cyber attack reported a resilience or availability issue that cost individual firms between US$200,000 and US$2 million, taking the biggest hit when incidents affected enterprise and corporate systems or production control.
受網(wǎng)絡(luò)攻擊影響的制造商報(bào)告稱(chēng),彈性或可用性問(wèn)題給單個(gè)公司造成了20萬(wàn)至200萬(wàn)美元的損失,當(dāng)事件影響企業(yè)和企業(yè)系統(tǒng)或生產(chǎn)控制時(shí),受到的打擊最大。
Geraldine Kor, Telstra International’s Head of Global Enterprise Business, said: “Greater connectivity between IT and OT is necessary to harness advanced technology for manufacturing innovation, but it increases the risks of a breach. However, very few firms are mature in protecting and defending against such cyber risks.“
Telstra International全球企業(yè)業(yè)務(wù)主管Geraldine Kor表示:“要利用先進(jìn)技術(shù)進(jìn)行制造創(chuàng)新,必須加強(qiáng) IT 和 OT 之間的連接,但它會(huì)增加泄露的風(fēng)險(xiǎn)。然而,很少有公司在保護(hù)和防御此類(lèi)網(wǎng)絡(luò)風(fēng)險(xiǎn)方面成熟。”
“Our study also uncovered a fragmented approach to security responsibility, which can leave manufacturing businesses without a clear direction. This responsibility must be clear and integrated so that one group or person will have the authority to act on security challenges for mission-critical systems. It is equally important to have the right people and security-focused culture as their absence will hinder security posture readiness, compounding technical challenges.”
“我們的研究還揭示了一種分散的安全責(zé)任方法,這可能會(huì)使制造企業(yè)沒(méi)有明確的方向。此責(zé)任必須明確且集成,以便一個(gè)組或個(gè)人有權(quán)對(duì)任務(wù)關(guān)鍵型系統(tǒng)的安全挑戰(zhàn)采取行動(dòng)。 擁有合適的人員和注重安全的文化同樣重要,因?yàn)樗麄兊娜毕瘜⒆璧K安全態(tài)勢(shì)的準(zhǔn)備,從而加劇技術(shù)挑戰(zhàn)。”
Ganesh Narayanan, Telstra International’s hlobal head of Cyber Security, noted that the manufacturing and other industrial sectors historically relied on air gapping for security, where OT systems are typically segregated from corporate IT systems to protect against external threats. However, this approach is no longer sustainable with increasing IT-OT convergence, which expands the threat surface significantly.
Telstra International網(wǎng)絡(luò)安全主管Ganesh Narayanan指出,制造業(yè)和其他工業(yè)部門(mén)歷來(lái)依賴(lài)空氣間隙來(lái)實(shí)現(xiàn)安全,其中OT系統(tǒng)通常與企業(yè)IT系統(tǒng)隔離,以抵御外部威脅。但是,隨著IT-OT融合的提高,這種方法不再可持續(xù),這大大擴(kuò)大了威脅面。
He said: “IT and OT integration create enormous value for organisations across industries, although organisations must address risks to unlock its potential. Organisations should prioritise IT/OT and IoT security across six core areas: Collaboration and planning, defining a strategy, bolstering technical expertise, assign responsibility and accountability, leveraging the right tools, and expedite readiness with standards.”
他說(shuō):“IT和OT集成為各行各業(yè)的組織創(chuàng)造了巨大的價(jià)值,盡管組織必須解決風(fēng)險(xiǎn)以釋放其潛力。組織應(yīng)在六個(gè)核心領(lǐng)域優(yōu)先考慮IT/OT和IoT安全:協(xié)作和規(guī)劃、定義策略、加強(qiáng)技術(shù)專(zhuān)業(yè)知識(shí)、分配責(zé)任和問(wèn)責(zé)制、利用正確的工具以及加快標(biāo)準(zhǔn)準(zhǔn)備工作。”
Adam Etherington, Senior Principal Analyst at Omdia, said: “Our study illuminates critical attack vectors and lessons learned, and provides timely advice for any executive responsible for IT and OT.
Omdia高級(jí)首席分析師Adam Etherington表示:“我們的研究闡明了關(guān)鍵的攻擊向量和經(jīng)驗(yàn)教訓(xùn),并為任何負(fù)責(zé) IT 和 OT 的高管提供了及時(shí)的建議。
“More pervasive connectivity between IT and OT is essential across greenfield and brownfield manufacturing system design and enhancements. Step change improvements to innovation, availability, safety and security require firms to harness cloud, IoT, AI and private networks, with IT/OT convergence bringing these technologies to life.
“在綠地和棕地制造系統(tǒng)設(shè)計(jì)和增強(qiáng)中,IT和OT之間更普遍的連接至關(guān)重要。創(chuàng)新、可用性、安全和安全性的重大改進(jìn)要求公司利用云、物聯(lián)網(wǎng)、人工智能和專(zhuān)用網(wǎng)絡(luò),而IT/OT融合使這些技術(shù)栩栩如生。
“However, most firms have been hit with expensive outages and security incidents while traditional security controls, policies and culture struggle to keep pace. Given the magnitude of downtime costs from any breach or network incident that impacted operations, it’s important to better understand the causes for proactive remediation.”
“然而,大多數(shù)公司都遭受了代價(jià)高昂的中斷和安全事件的打擊,而傳統(tǒng)的安全控制、政策和文化難以跟上步伐。鑒于影響運(yùn)營(yíng)的任何漏洞或網(wǎng)絡(luò)事件造成的停機(jī)成本之大,更好地了解主動(dòng)補(bǔ)救的原因非常重要。”
相關(guān)新聞
- ? 2025 “灣區(qū)杯” 網(wǎng)絡(luò)安全大賽:聚焦前沿科技,護(hù)航未來(lái)城市安全
- ? 三菱電機(jī)擬收購(gòu)Nozomi Networks,強(qiáng)化工業(yè)網(wǎng)絡(luò)安全防御并推動(dòng)運(yùn)營(yíng)轉(zhuǎn)型
- ? 2025年護(hù)航新型工業(yè)化網(wǎng)絡(luò)安全專(zhuān)項(xiàng)行動(dòng)啟動(dòng)
- ? 工業(yè)領(lǐng)域?yàn)閼?yīng)對(duì)日益增加的網(wǎng)絡(luò)攻擊,OT網(wǎng)絡(luò)安全市場(chǎng)將在2028年達(dá)216億美元
- ? 皮爾磁:工業(yè)網(wǎng)絡(luò)安全的新盾牌
- ? 皮爾磁:從安全立法新規(guī)聊企業(yè)應(yīng)對(duì)之策
- ? 2024年RSA大會(huì)回顧:工業(yè)網(wǎng)絡(luò)安全的發(fā)展趨勢(shì)和未來(lái)機(jī)遇
- ? 派拓網(wǎng)絡(luò)推出業(yè)界首個(gè)針對(duì)云優(yōu)化的SOC平臺(tái)
- ? 中控OMC系統(tǒng)通過(guò)IEC 62443 SL2級(jí)網(wǎng)絡(luò)安全國(guó)際認(rèn)證
- ? Anybus獲得IEC 62443-4-1工業(yè)網(wǎng)絡(luò)安全標(biāo)準(zhǔn)ML3認(rèn)證
編輯精選
- ? 賦能綠色智造 臺(tái)達(dá)與長(zhǎng)三角制造企業(yè)探討智造新路徑
- ? 2025 年伺服電機(jī)行業(yè)產(chǎn)業(yè)布局深度解析
- ? HMS行業(yè)洞察:2025工業(yè)網(wǎng)絡(luò)市場(chǎng)全景解讀
- ? 總投資15億元!ABB超級(jí)工廠(chǎng)落子南京
- ? 構(gòu)筑工業(yè) AI 時(shí)代的數(shù)據(jù)底座,藍(lán)卓supOS X工廠(chǎng)操作系統(tǒng)全球首發(fā)
- ? CC-Link協(xié)議家族與會(huì)員單位集中亮相,共話(huà)行業(yè)新發(fā)展
- ? 2025 工業(yè)操作系統(tǒng)大會(huì)在蘇州隆重開(kāi)幕
- ? 創(chuàng)新、落地、增效:施耐德電氣以AI賦能產(chǎn)業(yè)新生態(tài)
- ? 西門(mén)子2026 年數(shù)字化程度展望
- ? 國(guó)家統(tǒng)計(jì)局:11月工業(yè)機(jī)器人產(chǎn)量增長(zhǎng)超20%
工控原創(chuàng)
- ? 統(tǒng)一以太網(wǎng)標(biāo)準(zhǔn)再迎里程碑,SPE 和 Ethernet-APL 解鎖工業(yè)數(shù)字化新機(jī)遇
- ? 11月RatingDog中國(guó)制造業(yè)PMI降至49.9,供需走弱重回收縮區(qū)間
- ? 11月工控圈發(fā)生了這些矚目的大事件
- ? 十月工控領(lǐng)域重要資訊,一睹為快!
- ? 回顧 | 以技術(shù)干貨 + 落地案例,解鎖產(chǎn)業(yè)升級(jí)新路徑
- ? ABB報(bào)告:工業(yè)停機(jī)每小時(shí)損失高達(dá)50萬(wàn)美元,知行鴻溝阻礙現(xiàn)代化更新
- ? ABB宣布以53.75億美元將機(jī)器人業(yè)務(wù)出售給軟銀
- ? 九月不容錯(cuò)過(guò)的工控圈大事
- ? 當(dāng)“軟件定義”與“價(jià)值鏈”相遇,未來(lái)工業(yè)走向何方?
- ? 西門(mén)子:以“一次正確”破局內(nèi)卷,讓工業(yè)AI真正落地
