Latest news with #Dragos
Yahoo
3 days ago
- Business
- Yahoo
Financial impact from severe OT events could top $300B
This story was originally published on Cybersecurity Dive. To receive daily news and insights, subscribe to our free daily Cybersecurity Dive newsletter. The global financial impact from catastrophic cyber events that disrupt operational technology could near $330 billion on an annual basis, according to a report that industrial cybersecurity firm Dragos and professional-services firm Marsh McLennan released on Tuesday. The cost of business interruptions in such a scenario would exceed $172 billion, according to the report. Those estimated losses are based on a so-called 1-in-250-year tail event and factor in global supply-chain impacts and other related events. Dragos researchers say the indirect losses, including the impact from disrupting normal operations, are the concerns that many companies fail to account for. 'We see OT companies investing the majority of their cybersecurity budget on IT networks,' said Mark Stacey, VP, risk and resilience solutions at Dragos, adding that companies often assume OT functioning as normal when production is ongoing. 'The potential impact of business interruption (whether direct through adversary action or indirect to an abundance of caution) is often underestimated,' he says. In comparison, the average annual global risk, including business interruption claims, is $12.7 billion, the average global aggregated risk over the next 12 months is $31 billion. The financial analysis is based on 10 years of breach and insurance-claims data from Marsh McLennan's Cyber Risk Intelligence Center. The report provides insights into the risks facing operational technology, which has experienced an increase in attacks in recent years. Manufacturing and other critical infrastructure sectors are increasingly dependent on connected technologies, including the need for remote-access tools that are often connected to the internet. The report highlights how specific defense strategies can reduce overall risk. The three OT security controls most associated with risk reduction were maintaining a comprehensive incident-response plan, using defensible architecture and performing continuous monitoring to preserve visibility into a network In recent months, companies have reported significant financial losses from cyberattacks that affected their supply chains or their ability to conduct online transactions. British department store chain Marks & Spencer took a $400 million hit after a social-engineering attack linked to the Scattered Spider cybercrime group. The company on Monday confirmed that it had restored its online ordering service, months after the April cyberattack. United Natural Foods, the distributor for retailers including Amazon's Whole Foods chain, said last month that a cyberattack also linked to Scattered Spider would cost the company at least $350 million in sales. Recommended Reading 6 security experts on what cyberthreats they expect in 2023
Techday NZ
3 days ago
- Business
- Techday NZ
OT cyber incidents may cost up to USD $329.5 billion globally
A new industry report has estimated that operational technology (OT) cyber incidents could result in global financial losses of up to USD $329.5 billion in the event of a severe but plausible scenario, with business interruption accounting for a significant proportion of the projected losses. The study, conducted by Marsh McLennan's Cyber Risk Intelligence Centre, used a decade's worth of breach and insurance claims data to determine both the potential financial impact of OT cyber events and the OT security controls that most effectively reduce that risk. The findings suggest that business leaders, insurers, and security professionals should focus on implementing measurable risk reduction strategies in industrial environments. According to the report, indirect losses are a major concern, impacting up to 70% of OT-related breaches. The study models worst-case scenarios in which the global financial risk from such incidents reaches as high as USD $329.5 billion, more than half of which - an estimated USD $172.4 billion - would result from business interruption. Robert M. Lee, Chief Executive Officer and Co-founder of Dragos, commented on the findings: "Executives are increasingly accountable for managing cyber risks, but many still lack a clear line of sight into OT environments. The ability to quantify OT cyber risk and correlate it to potential financial losses is a game-changer. This report fills a critical gap by translating OT security into measurable financial risk and assessing controls aimed at mitigating that risk." The key OT cybersecurity controls found to be most strongly correlated with risk reduction are incident response planning (up to 18.5% average risk reduction), defensible architecture (up to 17.09%), and ICS network visibility and monitoring (up to 16.47%). The analysis leveraged tens of thousands of simulations, representing one of the first statistical attempts to connect specific OT controls with quantifiable financial loss reduction based on real-world data. Mark Stacey, Vice President, Risk and Resilience Solutions at Dragos, highlighted the importance of understanding OT cybersecurity in business and financial terms: "For years, organisations have lacked the context needed to understand OT cyber risk in business and financial terms. This study fills that gap, linking real-world financial data with OT-specific security controls. It gives executives, risk managers, and insurers the shared language and framework they've been missing to prioritise, invest, and insure with confidence." The report also examined persistent challenges organisations face in managing and insuring OT cyber risk. These include an undefined financial impact due to lack of quantifiable data, difficulties in measuring return on investment in OT security measures, and uncertainty in determining which controls should be prioritised. By mapping the SANS ICS Five ICS Cybersecurity Critical Controls to observed outcomes in industry data and insurance claims, the report aims to provide a practical risk management framework. This is considered particularly urgent as OT-focused malware threats are on the rise and as regulatory requirements, such as the United States Securities and Exchange Commission's Form 8-K cyber incident disclosure rules, become more stringent for publicly listed companies. Scott Stransky, Head of the Cyber Risk Intelligence Centre at Marsh McLennan, underscored the significance of translating the implementation of controls into measurable financial benefits: "This report offers new visibility into the financial modeling of OT risk and provides insurers and OT operators alike with the confidence to take action. By statistically linking controls to measurable risk reduction, organisations can better evaluate client readiness and make more accurate, risk-based coverage decisions." The research indicates that organisations across industrial sectors - such as electricity, manufacturing, oil and gas, water, transportation, mining, and government - stand to benefit from adopting data-driven approaches to OT risk management and demonstrating the financial efficacy of their security investments. The findings are presented as a resource intended to bridge the information gap for boards, risk executives, and underwriters working to align OT cybersecurity planning with demonstrable financial outcomes in a landscape of evolving digital threats and regulatory obligations.
Techday NZ
4 days ago
- Business
- Techday NZ
OT cyber incidents could cost USD $329.5b, report warns
Dragos, in partnership with Marsh McLennan's Cyber Risk Intelligence Centre, has published the 2025 OT Security Financial Risk Report detailing the potential financial impact of operational technology (OT) cyber incidents and controls. The report estimates that global risk exposure associated with OT cyber incidents could reach USD $329.5 billion in extreme scenarios. Notably, 70% of OT-related breaches are shown to result in indirect financial losses, which are often omitted by conventional risk models. Statistical modelling and financial impact The study applied a decade of breach and insurance claims data, using tens of thousands of simulations to create what is described as the first statistical model correlating OT security controls with financial loss reduction. This analysis indicates that, in a severe yet plausible event occurring once every 250 years, global OT cyber losses could total USD $329.5 billion, with OT-related business interruption accounting for USD $172.4 billion of that figure. Three OT security controls emerged as most correlated with risk reduction. Incident response planning could result in up to 18.5% average risk reduction, defendable architecture up to 17.09%, and ICS network visibility and monitoring up to 16.47%. Executives are increasingly accountable for managing cyber risks, but many still lack a clear line of sight into OT environments. The ability to quantify OT cyber risk and correlate it to potential financial losses is a game-changer. This report fills a critical gap by translating OT security into measurable financial risk and assessing controls aimed at mitigating that risk. These were the words of Robert M. Lee, Chief Executive Officer and Co-founder at Dragos, commenting on the implications of the report for executives seeking actionable guidance. Barriers to effective OT security The report identifies three prominent challenges hindering effective OT cyber risk management. These include the absence of clear financial impact data related to OT incidents, difficulties in demonstrating return on investment for OT security controls, and a lack of independent benchmarks to prioritise OT controls. For years, organizations have lacked the context needed to understand OT cyber risk in business and financial terms. This study fills that gap - linking real-world financial data with OT-specific security controls. It gives executives, risk managers, and insurers the shared language and framework they've been missing to prioritize, invest, and insure with confidence. This was noted by Mark Stacey, Vice President, Risk and Resilience Solutions at Dragos. Regulatory pressures and industry standards The publication of the report comes at a time of growing regulatory attention to OT security, including the introduction of rules such as the US SEC's 8-K cyber incident disclosure requirements. The analysis represents one of the first large-scale efforts to map the SANS ICS Five Critical Controls directly to risk reduction percentages, using real-world data. By providing statistical links between specific controls and measurable risk reduction, the report aims to support both OT operators and insurers in evaluating organisational readiness and making risk-based coverage decisions. This report offers new visibility into the financial modeling of OT risk and provides insurers and OT operators alike with the confidence to take action. By statistically linking controls to measurable risk reduction, organizations can better evaluate client readiness and make more accurate, risk-based coverage decisions. Scott Stransky, Head of the Cyber Risk Intelligence Centre at Marsh McLennan, explained how the framework may benefit both the insurance sector and OT security decision-makers. The Dragos 2025 OT Security Financial Risk Report positions itself as a resource for risk executives, (re)insurers, and security leaders seeking quantifiable approaches to managing OT cyber risks and prioritising key security controls in accordance with current sector demands and regulatory frameworks.
Yahoo
09-05-2025
- Business
- Yahoo
If your Austin apartment feels smaller, it may very well be, new report says
Austin renters are getting noticeably less space than they did a decade ago, even as the average national apartment size has trended up. According to a new report from Austin lost more than 50 square feet in average apartment size in 10 years. Houston and Plano, meanwhile, saw barely any shrinkage — with decreases of less than 5 square feet, RentCafe said. "Texas may be known for 'bigger is better,' but Arlington has seen the steepest drop in apartment size in the U.S.," according to a news release from RentCafe, a nationwide apartment search website and a part of Yardi. "In just 10 years, the average apartment in the home of the Dallas Cowboys shrank by 215 square feet — enough space to accommodate an entire New York City micro-apartment, where the kitchen doubles as the living room," RentCafe said in a news release. In Austin, several factors are behind the apartment size changes in the city's rental market, said Adina Dragos, the report's author and a RentCafe research analyst. "There has been an increase in the share of studios and one-bedroom apartments compared to the decade before, while larger units like two-bedrooms have become less common," Dragos told the American-Statesman in an email. "What's more, the average size of all units has shrunk, leading to an overall trend of smaller living spaces. "These changes are likely to reflect shifting renter preferences towards more desirable areas such as big job hubs, even if it means choosing a smaller living space. This is especially true for younger Millennials and Gen Z who often prioritize location and access to urban amenities over space." Dragos explained that developers are adding more units to each floor plan to meet the needs of Austin's booming population and rapidly increasing demand for housing. With square footage emerging as the new currency in the apartment market, analyzed a decade of apartment data to see how much space renters in 100 U.S. cities are getting now compared with 10 years ago. Austin's shrinking average apartment size bucks an upward national trend. "Our annual analysis shows a significant shift in the U.S. rental landscape: the average size of new apartments expanded again in 2024, reversing a decade-long trend of shrinking floor plans," RentCafe said. "The most substantial space gains are appearing in several Coastal and Sunbelt cities, giving renters fresh options for more spacious living." Other key takeaways: The average apartment size in the U.S. increased in 2024, reaching 908 square feet, as most unit types expanded their living spaces. Studios, one- and two-bedroom apartments got larger, adding between 4 square feet and 13 square feet to their floor plans. Two Florida destinations, Tallahassee and Gainesville, claim gold and silver among the cities with the largest apartments. Seattle holds on to its top spot as the city with the smallest apartment size in the U.S. Apartments in San Francisco have expanded the most among large cities, gaining 59 square feet in the last decade compared with the previous one. It's followed by Queens, New York, where renters gained 39 square feet. This article originally appeared on Austin American-Statesman: Austin apartments got smaller in size over the past 10 years.
Yahoo
09-05-2025
- Business
- Yahoo
If your Austin apartment feels smaller, it may very well be, new report says
Austin renters are getting noticeably less space than they did a decade ago, even as the average national apartment size has trended up. According to a new report from Austin lost more than 50 square feet in average apartment size in 10 years. Houston and Plano, meanwhile, saw barely any shrinkage — with decreases of less than 5 square feet, RentCafe said. "Texas may be known for 'bigger is better,' but Arlington has seen the steepest drop in apartment size in the U.S.," according to a news release from RentCafe, a nationwide apartment search website and a part of Yardi. "In just 10 years, the average apartment in the home of the Dallas Cowboys shrank by 215 square feet — enough space to accommodate an entire New York City micro-apartment, where the kitchen doubles as the living room," RentCafe said in a news release. In Austin, several factors are behind the apartment size changes in the city's rental market, said Adina Dragos, the report's author and a RentCafe research analyst. "There has been an increase in the share of studios and one-bedroom apartments compared to the decade before, while larger units like two-bedrooms have become less common," Dragos told the American-Statesman in an email. "What's more, the average size of all units has shrunk, leading to an overall trend of smaller living spaces. "These changes are likely to reflect shifting renter preferences towards more desirable areas such as big job hubs, even if it means choosing a smaller living space. This is especially true for younger Millennials and Gen Z who often prioritize location and access to urban amenities over space." Dragos explained that developers are adding more units to each floor plan to meet the needs of Austin's booming population and rapidly increasing demand for housing. With square footage emerging as the new currency in the apartment market, analyzed a decade of apartment data to see how much space renters in 100 U.S. cities are getting now compared with 10 years ago. Austin's shrinking average apartment size bucks an upward national trend. "Our annual analysis shows a significant shift in the U.S. rental landscape: the average size of new apartments expanded again in 2024, reversing a decade-long trend of shrinking floor plans," RentCafe said. "The most substantial space gains are appearing in several Coastal and Sunbelt cities, giving renters fresh options for more spacious living." Other key takeaways: The average apartment size in the U.S. increased in 2024, reaching 908 square feet, as most unit types expanded their living spaces. Studios, one- and two-bedroom apartments got larger, adding between 4 square feet and 13 square feet to their floor plans. Two Florida destinations, Tallahassee and Gainesville, claim gold and silver among the cities with the largest apartments. Seattle holds on to its top spot as the city with the smallest apartment size in the U.S. Apartments in San Francisco have expanded the most among large cities, gaining 59 square feet in the last decade compared with the previous one. It's followed by Queens, New York, where renters gained 39 square feet. This article originally appeared on Austin American-Statesman: Austin apartments got smaller in size over the past 10 years.
