Industrial control systems (ICS) cyber security threats are growing and identifying attacks continues to be a major challenge according to the annual SANS Institute ICS survey. The survey, co-sponsored by Nozomi Networks and other industry leaders, finds that while there has been some progress in protecting critical assets and infrastructure, new challenges have emerged.
Four out of 10 ICS security practitioners lack visibility into their ICS networks, which is one of the primary impediments to securing these systems. Ransomware was newly identified as a top threat, along with the growing addition of devices to the network.
Despite almost daily news coverage of recent attacks on unpatched systems, SANS found that only 46 percent of respondents regularly apply vendor-validated patches; and 12 percent neither patch nor layer controls around critical control system assets.
While reliability and availability remain the highest priority for OT systems, 69 percent of ICS security practitioners believe threats to the ICS systems are high or severe and critical.
“The survey confirms practitioners’ intent to move beyond the basics of prevention because industrial intrusion detection tops the list of new technologies they most want to implement,” said Andrea Carcano, Nozomi Networks co-founder. “It’s clear ICS cybersecurity is maturing as operators recognize the likelihood of infiltration and seek early warning to improve resiliency.”