• Advertise
  • Subscribe
  • Forums
  • Buyer's Guide
  • Contact Us
  • Connect on LinkedIn
    1. Critical Infrastructure

    New study reveals 92% of industrial sites at risk from unsecured remote access

    Jan. 22, 2025
    The DeNexus study highlights the critical need for enhanced security measures in industrial remote access solutions.
    6791695834caf429c0559bcb Agriculturalsilosbuildingexterior 14667119370

    DeNexus, a leader in end-to-end cyber risk management for operational technology (OT) in industrial enterprises and critical infrastructures with cyber-physical assets, today announced the results of a comprehensive analysis of 254 industrial sites across North America, Europe, and Australia that has revealed that 92% of sites face significant cyber exposures related to remote services, with potential losses reaching up to $1.5 million per site. The study, conducted by DeNexus using their DeRISK platform, highlights the critical need for enhanced security measures in industrial remote access solutions.

    Key findings include:

    • 88% of analyzed sites identified remote services (a MITRE ATT&CK initial access vector) as their most significant cybersecurity risk.

    • The manufacturing sector shows the highest exposure, with average expected losses of $875,000.

    • The renewable energy sector demonstrates lower but still significant risk, with expected losses around $150,000.

    • Average annual expected loss related to remote services reaches $223,000 per site.

    "The industrial sector's rapid adoption of remote access technology has created a perfect storm for cyber risk," said Jose Seara, CEO of DeNexus. "Our research reveals a stark reality: 92% of industrial sites are operating with significant cyber vulnerabilities that could lead to substantial financial losses. This isn't just about technology—it's about protecting critical infrastructure that powers our economy."

    To mitigate remote access vulnerabilities, DeNexus recommends implementing frequent vulnerability scanning and patching on at least a monthly basis, along with strict authentication measures, including multi-factor authentication. Organizations should also deploy just-in-time authorization for remote access, strengthen network segmentation between OT and IT systems, and maintain robust password management with regular updates and account lockout policies.

    The study's timing is particularly relevant as recent research from Claroty in 2024 indicates that organizations are deploying too many remote access solutions within OT environments. This over-deployment creates excessive risk and operational challenges. Additionally, separate research by Takepoint Research found that remote services were the primary attack vector in 17 out of 24 major cyberattacks on OT environments.

    "Remote services continue to represent a critical vulnerability in industrial cybersecurity," says Jonathon Gordon, industry analyst at Takepoint Research. "To mitigate the growing cyber risks associated with remote access, industrial enterprises should consider solutions like DeNexus to accurately evaluate and manage incremental risks."

    The full report includes a detailed analysis of risk exposure across different industrial sectors and provides comprehensive recommendations for securing remote access in industrial environments.

    To access the full report, please visit https://blog.denexus.io/resources/data-report-remote-services.

    DeNexus expands cyber risk management capabilities to the physical security of data center facilities
    DeNexus