David Bicknell, Principal Analyst in the Thematic Intelligence team at GlobalData, a leading data and analytics company, offers his view. 

It’s the one-year anniversary of the ransomware attack on energy pipeline operator Colonial Pipeline, which led to widespread fuel shortages along the US East Coast. Following the attack came the news that the US Department of Transportation’s Pipeline and Hazardous Materials Safety Administration (PHMSA) had subsequently found management failings at the company, resulting in a possible US$1 million civil penalty. 

 “The Colonial Pipeline ransomware attack was more than a wake-up call to critical national infrastructure. It was a sharp, well-placed dig to the ribs that highlights the threat of a cyber-attack bridging the traditional corporate information technology network and the operational technology systems that control industrial equipment. In the case of Colonial Pipeline, the systems that manage the flow and distribution of fuel through the company's pipelines,” remarked Mr Bicknell.

“Colonial Pipeline exposed the soft underbelly of US critical infrastructure, which quickly got the White House’s attention, and led to tighter rules on breach notification. The attack made it crystal clear how a single, well-targeted cyber attack can create chaos and cause devastating impacts on government, business, and the public.

The need to move to a ‘zero-trust’ security model

“Some organisations are still relying on the hopeful (but fatal) thought: ‘it won’t happen to me’. For example, a GlobalData survey in the UK found that 29 per cent of small-medium businesses cancelled their cyber insurance policies in 2021. However, most boards and C-Suites are now more cyber aware than they were before,” Mr Bicknell continued.

 

“Perhaps the biggest lesson learned from the Colonial Pipeline attack is that critical infrastructure owners and operators must assume that experiencing an attack is inevitable, and understand that the ability to recover quickly is critical to both the safety of operations and, ultimately, the financial stability of the business.”

GlobalData’s report, ‘Cybersecurity – Thematic Research’ highlights that the global cybersecurity industry will grow from US$125.5 billion in 2020 to US$198 billion in 2025. 

The report urges that no one – not even security providers themselves – is safe from attack. Securing hybrid working, coping with ransomware and continuing supply chain threats, and moving to a zero-trust security model as a long-term solution to data breaches are expected to drive strong security growth over the next three years.