Industrial operations across Australia are increasingly under regular and widespread cyberattacks, forcing operational shutdowns which result in lost revenue and significant remediation costs.

At the same time, operators face increased compliance requirements as well as new risks posed by their adoption of new technologies and processes, including AI, remote access, cloud, 5G, and robotics. As a result, industrial operators are increasingly conscious of the need to adapt cybersecurity to the new demands of the day.

More than four in five (82%) Australian operational technology (OT) and IT business leaders stated that their organisations had experienced a cyberattack in the past year – the fourth largest target globally, according to a new report from global cybersecurity leader, Palo Alto Networks. Equally alarming is the frequency of these attacks, with 70% of respondents experiencing attacks often monthly or weekly. 

The impact of these attacks has been significant, with over one-quarter (28.6%) of Australian organisations having to shut down industrial operations in the last year due to a successful attack, whether as a pre-emptive measure or due to actual disruption.

This is driving industrial operators to increasingly focus on security for OT environments; with nearly two-thirds (61.2%) of Australian OT and IT leaders considering it a high priority, and 52% expecting increased spending on OT cybersecurity in the next two years. Despite this awareness, Australia sits in the bottom half globally in OT security prioritisation, behind Germany, Japan and Italy. 

Despite the urgency, there remains a disconnect between OT and IT teams, hindering coordinated responses to threats, especially regarding security investment. When asked to describe the relationship between OT and IT, 40% of respondents stated that it was frictional, with only 14% answering that their teams are aligned. Only two in five (42%) of respondents reported shared responsibility for OT cybersecurity purchase decisions between the two teams.

AI has already caught the attention of industrial operators, but the judgement on its value is split between fear of AI-enabled attacks and demand for AI-enabled protection. The survey found that 75% of Australian respondents identified AI attacks against OT as a critical issue today, but eight out of 10 also agreed that AI will be key to stopping OT attacks.

The report found that 80% of Australian respondents believed the move to cloud will reinforce OT security. However, over half (54%) of them also stated it would create increased cybersecurity challenges in the next two years.  

The report also underscores the criticality of embracing a Zero Trust approach to OT security, with 84% of industrial respondents endorsing it as the right strategy. However, deployment rates remain relatively low, with just under a third of respondents having fully implemented Zero Trust solutions for their OT/IT environments.