Majority of Thai organisations experienced an OT attack in 2023

The report surveyed 1,979 operational technology (OT) and IT business leaders across 23 countries globally, including 101 leaders in Thailand, to understand the trends, risks, and cyber resilience strategies within OT environments, offering insights into the challenges faced by organisations across the globe. 

Industrial operations across Thailand are increasingly under regular and widespread cyberattacks, forcing operational shutdowns which result in lost revenue and significant remediation costs.

At the same time, operators face increased compliance requirements as well as new risks posed by their adoption of new technologies and processes, including AI, remote access, cloud, 5G, and robotics.

As a result, industrial operators are increasingly conscious of the need to adapt cybersecurity to the new demands of the day.

Key findings for Thailand from the report reveal a concerning landscape in OT security: 

Industrial operations are at high risk of cyberattacks – Industrial operations were once believed to be immune to cyberattacks given their air-gapped systems, legacy assets, proprietary technologies, and fragmented end markets.

This is no longer the case. 72% of Thai respondents stated that their organisations had experienced at least one cyberattack in the past year. Equally alarming is the frequency of these attacks, with over 58% of respondents experiencing attacks often monthly or weekly. 

Cyberattacks can shut down Thai OT operations – The impact of these attacks has been significant, with a (35.1%) of Thai organisations having to shut down industrial operations in the last year due to a successful attack.

This dangerous state of affairs is driving industrial operators to increasingly focus on security for their OT environments - 49% of Thai respondents consider it a high priority, and nearly half (57%) expect to increase spending on OT cybersecurity in the next two years. 

Friction between OT and IT is a challenge – Despite the urgency, there remains a disconnect between OT and IT teams, hindering coordinated responses to threats. When asked to describe the relationship between OT and IT, 40% stated that it was frictional, with only 11.8% answering that their teams are aligned.

Furthermore, only 33% of respondents reported shared responsibility for OT cybersecurity purchase decisions between the two teams. This disparity is due to the historical roles of both teams, with IT traditionally being in charge of company-wide security, while OT has historically focused on industrial operations. 

AI is a double-edged sword – AI has already caught the attention of industrial operators, but the judgement on its value is split between fear of AI-enabled attacks and demand for AI-enabled protection.

The survey found that 84.3% of respondents in Thailand identified AI attacks against OT as a critical issue today, but 77% also agreed that AI will be key to stopping OT attacks.

The move to the cloud will reinforce OT security – AI is not the only new technology making its way into OT environments, with operators also getting ready to implement cloud solutions, among others. The report found that 76.5% of organizations in Thailand believed the move to cloud will reinforce OT security. However, 61of them also stated it would create increased cybersecurity challenges in the next two years.  

Zero Trust is the North Star – The report also underscores the criticality of embracing a Zero Trust approach to OT security, with 76% of industrial respondents endorsing it as the right strategy. However, deployment rates remain relatively low, with just over 16% having fully implemented Zero Trust solutions for their OT/IT environments.

Piya Jitnimit, Country Manager, Thailand at Palo Alto Networks, said, “We are seeing some industrial organisations face shutdown production from cyberattack. These organisations should adopt two key strategies. First the security connection between OT and IT to ensure and mitigate new risks. Secondly a Zero Trust approach must be adopted to secure access”.   

In this digital age, where connectivity is omnipresent, traditional security measures alone are insufficient to combat sophisticated cyber threats. An AI-led approach stands at the forefront of defence, offering unparalleled capabilities to analyse massive data volumes at speed, as well as identify patterns indicating imminent threats, even before an attack occurs.

Furthermore, a close collaboration between the IT and OT teams is essential, to ensure a consolidated approach to cybersecurity.”