Over half of organizations experience incidents involving industrial control or operational tech

Over the past year, more than 50 percent of organizations have experienced at least one security incident involving ICS/OT systems. Among the top vulnerabilities exploited are internet-accessible devices (33 percent) and transient devices (27 percent), often used to bypass traditional defenses.

A new report from the SANS Institute, in partnership with OPSWAT, shows that while 55 percent of organizations reported increased ICS/OT cybersecurity budgets over the past two years, much of that investment remains heavily skewed toward technology, with limited focus on operational resilience.

The report identifies IT compromises as the most common entry point, responsible for 58 percent of ICS/OT incidents, underscoring the need for integrated security strategies that address cross-domain vulnerabilities.

But despite growing recognition of OT cybersecurity as a priority, only 27 percent of organizations place budgetary control under CISOs or CSOs. Fewer than half of those surveyed allocate only 25 percent of their cybersecurity budgets to safeguarding critical infrastructure.

Dean Parsons, principal instructor, CEO and principal consultant of ICS Defense Force, says:

The evolving threat landscape in ICS/OT demands more than just deploying the five ICS Cybersecurity critical controls. Effective critical infrastructure defense requires a strategic investment in ICS/OT-specific security training, ensuring that those responsible for monitoring ICS controls have a deep understanding of control system networks.

One of the most concerning findings in the report is that while cybersecurity budgets have increased, much of the investment remains focused only on traditional business support systems such as IT, leaving ICS/OT environments, the business itself, dangerously under-protected. After all, in an ICS organization, the ICS is the business.

Organizations that fail to re-evaluate their threats to their ICS environments leave critical infrastructure vulnerable to increasingly sophisticated attacks. Protecting these engineering systems isn’t optional -- it's essential for operational resilience and national security.

You can get the full report from the OPSWAT site.
