The key threats facing ICS/OT environments

Industrial control system and operational technology environments are becoming increasingly interconnected and complex, offering efficiency and innovation. However, this also exposes organizations to heightened vulnerabilities from relentless cyber threats.

The latest SANS 2023 ICS/OT Cybersecurity Survey, sponsored by critical infrastructure protection specialist OPSWAT, shows the three items of utmost importance for ICS security programs in 2023 have been identified as network visibility, risk assessments, and transient device threat detection.

Survey respondents consider current cybersecurity threats to ICS as severe/critical (25 percent) and high (44 percent). They are mainly concerned with ,and have experienced, ICS incidents involving malware threats or attackers breaching the IT business network.

Dean Parsons, a SANS certified instructor, practitioner, and ICS/OT cybersecurity assessment expert, says, "This year's survey reveals several notable changes compared to previous years. We see significant efforts in crucial areas and, regrettably, a lack of commitment in some equally important, evolving domains. However, there is a silver lining in the form of increased investments in asset inventorying, network-specific ICS/OT visibility and detection systems, and the development, training, and retention of staff with the required specific ICS security skillsets."

The report also points out a significant trend towards IT/OT staff convergence in enterprises, with 38 percent of all respondents now responsible for both ICS and IT security, indicating increased responsibilities in 2023 compared to the 20 percent reported in 2022.

Cybersecurity solution providers are often consulted (43 percent) when signs of infection or infiltration emerge, emphasizing the need for specialized expertise in incident response. Additionally, a quarter of respondents are uncertain about having an exercised and documented plan for operating ICS engineering systems in reduced capacity, with only 56 percent currently possessing a dedicated ICS/OT incident response plan.

"Building resilient critical infrastructure requires a proactive approach to cybersecurity as noted with the SANS' report findings," says Yiyi Miao, OPSWAT's chief product officer. "At OPSWAT, we're committed to empowering organizations to safeguard their vital systems through effective industry-leading solutions."

The full report is available from the OPSWAT site.

Photo Credit: Pand P Studio/Shutterstock