sb-eu logo
Story image

Gartner predicts 75% of CEOs to be liable for cyber-physical security incidents by 2024

02 Sep 2020

Within the next four years, liability for cyber-physical security incidents will pierce the corporate veil to personal liability for three out of every four CEOs, according to new research from Gartner.

Cyber-physical systems (CPSs) are systems engineered to orchestrate sensing, computation, control, networking and analytics to interact with the physical world – including humans.

CPSs are critical to all connected IT, OT and IoT processes where both the cyber and physical worlds are affected by security considerations.

According to Gartner, the nature of CPSs means incidents can quickly lead to physical harm to people, destruction of property or environmental disasters – and Gartner’s new research indicates that these incidents will increase drastically in the next few years if the lack of spending on these assets continues.

“Regulators and governments will react promptly to an increase in serious incidents resulting from failure to secure CPSs, drastically increasing rules and regulations governing them,” says Gartner research vice president Katell Thielemann.

“In the US, the FBI, NSA and Cybersecurity and Infrastructure Security Agenda (CISA) have already increased the frequency and details provided around threats to critical infrastructure-related systems, most of which are owned by private industry. 

“Soon, CEOs won’t be able to plead ignorance or retreat behind insurance policies.”

The financial impact of CPS attacks resulting in fatalities will reach over US$1 billion by 2023, according to Gartner.

“Technology leaders need to help CEOs understand the risks that CPSs represent and the need to dedicate focus and budget to securing them,” says Thielemann.

“The more connected CPSs are, the higher the likelihood of an incident occurring.”

Thielemann goes on to say that with operational technology, smart buildings, smart cities, connected cars and autonomous vehicles evolving, incidents in the digital world will have a much greater effect in the physical world as risks, threats and vulnerabilities now exist in a bidirectional, cyber-physical spectrum. 

However, many enterprises are not aware of CPSs already deployed in their organisation, either due to legacy systems connected to enterprise networks by teams outside of IT, or because of new business-driven automation and modernisation efforts.

“A focus on ORM – or operational resilience management - beyond information-centric cybersecurity is sorely needed,” says Thielemann.

Gartner’s research comes as the company recently named Adobe a Leader in the 2020 Magic Quadrant for Digital Commerce.

It is the fourth year that Adobe has been named a Leader, and this year, Adobe achieved the highest placement on the ability to execute axis in the Leaders quadrant of the 15 participating vendors that were evaluated on their ability to execute and completeness of vision.

Story image
Is cyber deception the latest SOC 'game changer'?
Cyber deception reduces data breach costs by more than 51% and Security Operations Centre (SOC) inefficiencies by 32%, according to a new research report by Attivo Networks and Kevin Fiscus of Deceptive Defense.More
Story image
CrowdStrike integrates with ServiceNow program to bolster incident response
As part of the move, users can now integrate device data from the CrowdStrike Falcon platform into their incident response process, allowing for the improvement of both the security and IT operation outcomes.More
Story image
Interview: Check Point profiles 5 battles that SOC teams face in 2020
Security operations centres (SOCs) are often the first lines of defence.More
Story image
ESET launches the latest version of its Mobile Security solution
“With this latest version of ESET Mobile Security, we want to ensure our users feel completely secure when performing financial transactions on their devices, in addition to being protected from malware and phishing attempts."More
Story image
Gartner: Security leaders must balance risk, trust and opportunity
Security and risk leaders must focus on balancing risk, trust and opportunity to help maintain the ability of their organisations to function.More
Story image
Kaspersky releases new report on consumer’s approach to digital services
COVID-19 related restrictions and the necessity to stay indoors has influenced the way people approach digital services, making them more aware of how securely both they, and their housemates, use the internet.More