Claroty, a company specializing in cyber-physical system (CPS) protection, releases a new study that sheds light on the significant impacts of cyberattacks in CPS environments. The report “The Global State of CPS Security 2024: The Impact of Business Disruptions” (The Global State of CPS Security 2024: Business Impact of Disruptions) is based on an independent global survey of 1,100 professionals in information security, OT engineering, clinical and biomedical engineering, and facilities management and plant operations on the impacts of cyberattacks on their organizations over the past 12 months.
The research also includes data from interviews with executives of organizations in Brazil. The results revealed a significant financial impact, with three out of five (62%) Brazilian organizations reporting a financial impact ranging from $100,000 to nearly $500,000 due to cyberattacks that affected their cyber-physical systems. Several factors contributed to these losses, the most common being revenue loss (reported by 86% of the organizations interviewed in Brazil), recovery costs and legal fees (42%), and regulatory fines (38%).
Ransomware continues to play a significant role in recovery costs, with seven out of ten (71%) Brazilian organizations having paid nearly US$500,000 in ransom demands to regain access to encrypted systems and files and resume operations. This problem is particularly severe in the global health sector – 78% of respondents worldwide reported ransom payments exceeding $500,000 – as ransomware and extortion attacks in hospitals and clinical environments continue to occur almost nonstop.
Closely linked to financial losses are operational impacts, with more than half of organizations in Brazil (54%) reporting one to twelve hours of operational downtime affecting their ability to produce goods or services. About half (48%) of organizations in Brazil said the recovery process took up to six days, and nearly two in ten (18%) reported that recovery took up to a month. This is particularly notable given that environments with cyber-physical systems, such as manufacturing plants, prioritize the availability and uptime of critical systems—even at the expense of timely security updates and features.
As for the root cause of these cyberattacks, third-party exposure and remote access remain persistent problems within organizations. More than half (52%) of Brazilian organizations reported that one to five attacks originating from third-party suppliers' access to the CPS environment occurred in the last 12 months, while 48% reported between five and ten such attacks. Even so, half of Brazilian organizations (50%) admit to having only some knowledge of third-party connectivity with the cyber-physical systems environment and are concerned about what they do not know about it.
Although the results show that the last 12 months were disruptive and costly for most organizations in Brazil equipped with cyber-physical systems, the interviewees also demonstrated growing confidence and improvements in their corporations' risk reduction efforts. Most (56%) have greater confidence in the ability of their organization's cyber-physical systems to withstand cyberattacks today than they did 12 months ago, and more than half (46%) expect to see measurable improvements in cyber-physical system security in the next 3 months.
“The impacts of cyberattacks on asset-intensive organizations can be detrimental to operations and, in fact, often require the level of loss we saw in our study to prompt the necessary cybersecurity investments,” says Grant Geyer, Chief Strategy Officer at Claroty. To evolve from a reactive process to a proactive one that will reduce losses, we also found that organizations are changing their mindset – they are beginning to consider it fundamental to fulfilling an organization's mission. The insights from this report confirm that not investing in the very specific challenge of protecting cyber-physical systems can lead to a serious impact on the organization's financial results and that, fortunately, corporations are beginning to realize the return on this investment.
Italo Calvano, Vice President of Claroty in Latin America, emphasizes: "CISOs have already understood that protecting the corporate environment is essential, but protecting the business is vital for the company's survival." Preserving lives and ensuring business continuity connect CISOs directly to the board of organizations, increasing the relevance of cybersecurity. This movement is strengthened by market initiatives, such as the 'Global CyberSecurity Outlook 2024' from the World Economic Forum, which points to "increasingly alarming attacks on critical infrastructure." In Brazil, we have the ONS with its Operational Routine RO-CB.BR.01, which establishes minimum cybersecurity controls for the regulated environment of Brazilian utilities. Another important milestone is Decree No. 11,856 of the Brazilian Government, which highlights "the prevention of incidents and cyberattacks, especially those directed at critical infrastructures and essential services to society."
To learn more, download the full report: The Global State of CPS Security 2024: The Impact of Business Disruptions.