It has been one-year since the high-profile ransomware attack on energy pipeline operator Colonial Pipeline, which led to widespread fuel shortages along the East Coast. Add to that the later news that the U.S. Department of Transportation’s Pipeline and Hazardous Materials Safety Administration (PHMSA) found management failings at the company, resulting in a possible $1 million civil penalty, and it’s likely time to look back and see what can be learned from the incident.
David Bicknell, Principal Analyst in the Thematic Intelligence team at GlobalData, a leading data and analytics company, provided some insights on the lessons of Colonial Pipeline:
“The Colonial Pipeline ransomware attack was more than a wake-up call to U.S. critical infrastructure. It was a sharp, well-placed dig to the ribs that highlights the threat of a cyberattack bridging the traditional corporate information technology network and the operational technology systems that control industrial equipment. In the case of Colonial Pipeline, the systems that manage the flow and distribution of fuel through the company’s pipelines.
“Colonial Pipeline exposed the soft underbelly of U.S. critical infrastructure, which quickly got the White House’s attention and led to tighter rules on breach notification. The attack made it crystal clear how a single, well-targeted cyberattack can create chaos and cause devastating impacts on government, business and the public.
“Some organizations are still relying on the hopeful (but fatal) thought: “It won’t happen to me.” For example, a GlobalData survey in the U.K. found that 29% of small-medium businesses cancelled their cyber insurance policies in 2021. However, most boards and C-suites are now more cyber aware than they were before.
“Perhaps the biggest lesson learned from the Colonial Pipeline attack is that critical infrastructure owners and operators must assume that experiencing an attack is inevitable, and understand that the ability to recover quickly is critical to both the safety of operations and, ultimately, the financial stability of the business.”
GlobalData’s report, Cybersecurity – Thematic Research highlights that the global cybersecurity industry will grow from $125.5 billion in 2020 to $198 billion in 2025. The report urges that no one — not even security providers themselves — is safe from attack. Securing hybrid working, coping with ransomware and continuing supply chain threats, and moving to a zero-trust security model as a long-term solution to data breaches are expected to drive strong security growth over the next three years.