77% of organizations across U.S. critical national infrastructure have seen more insider-driven cyber threats in the past three years. (Photo: ICAO)
A recent survey conducted by Bridewell, a cybersecurity services company headquartered in the UK, reveals a concerning surge in insider cyber threats within critical national infrastructure (CNI) organizations. The transport and aviation sectors are particularly at risk. As economic uncertainties loom, organizations are facing budget cuts in cybersecurity, further exacerbating the threat landscape. This research is some of the first conducted by Bridewell that focuses on the U.S.
Bridewell’s Principal Lead Consultant, Chase Richardson, talked about the consequences of these trends—and how organizations can mitigate cyber threats—in a recent interview with Avionics International.
“Over the past decade, cybersecurity has become a mainstay in overall budgets at organizations,” he explained. “However, in the past 12 to 18 months, we’ve seen a reduction in those budgets with our clients in the aviation sector—as well as those that we surveyed.”
The economic downturn has prompted a reduction in cybersecurity budgets across various industries, including transport and aviation. While cybersecurity had become a significant component of organizational budgets over the past decade, recent financial instabilities have led to budget pullbacks. The economic uncertainty also fuels concerns about an increase in cybercrime within organizations. As employees face job insecurity and financial pressures, a notable 30% of surveyed companies expect an upsurge in internal cybercrime. Simultaneously, approximately 34% anticipate an increase in external cyberattacks orchestrated by tech-savvy individuals driven by economic conditions.
To adapt to budgetary limitations, organizations are adopting different strategies. Outsourcing historically internal cybersecurity activities to third parties can offer potential cost savings, Richardson commented. Companies may also delay cybersecurity projects and assessments, hoping for improved economic conditions in the future.
Additionally, he emphasized the consolidation of vendors as a growing trend. The aviation industry, in particular, has experienced an influx of vendors supplying various components, leading to increased risk exposure. “It’s becoming a tipping point of having too many vendors to try to manage,” he said. Consolidating vendors allows organizations to streamline risk analysis and assessment, resulting in time and cost savings.
Among the numerous cyber threats faced by the aviation industry, ransomware attacks pose the most significant concern. Ransomware can effectively paralyze an organization’s daily operations, impeding access to essential systems and applications.
Bridewell’s survey indicates an average of 24 ransomware-related incidents within the aviation industry over the past year alone. This number likely underestimates the actual occurrence, Richardson noted. “We see those numbers underreported because no company wants to admit when they’ve had these cyber attacks.” It is crucial to acknowledge that ransomware attacks will remain a persistent threat in the aviation industry and elsewhere.
Richardson suggests several strategies to combat the risks posed by insider cyber threats. Firstly, organizations should prioritize maintaining a sufficient cybersecurity budget, even amidst poor economic conditions. Investing in robust cybersecurity measures and staff training is vital to ensure proactive defense against evolving threats.
Additionally, organizations must cultivate a strong cybersecurity culture, emphasizing employee awareness and education on cybersecurity best practices. Regularly evaluating and updating security protocols, conducting cybersecurity assessments, and engaging third-party experts can further bolster defenses.
The alarming rise in insider cyber threats within critical infrastructure organizations, including the transport and aviation sectors, demands immediate attention. Economic uncertainties have led to reduced cybersecurity budgets, increasing the risk of internal and external cybercrime. Ransomware attacks, in particular, pose severe consequences for organizations. By implementing strategic measures such as outsourcing, vendor consolidation, and maintaining cybersecurity budgets, organizations can better defend against insider threats. To protect critical infrastructure and ensure global security and stability, it’s necessary to cultivate a cybersecurity culture and stay informed about emerging trends.