50+ Cyber Security Courses at SANS 2020 in Orlando! Save up to $150 thru 3/4.


Subscribe to SANS Newsletters

Join the SANS Community to receive the latest curated cyber security news, vulnerabilities and mitigations, training opportunities, and our webcast schedule.

SANS Institute Survey Finds ICS Security Risks Continue to Rise and Evolve

Adding Unprotected Devices and Ransomware as Top Threats to Industrial Control Systems

  • Bethesda, MD
  • July 5, 2017

SANS Institute's annual survey of industrial control systems (ICS) security practitioners finds that threats are shifting, identifying attacks remains challenging, and some basic security practices are not implemented.

The fourth year of the survey found some improvements in protecting critical assets and infrastructure, while other challenges have emerged. For example, four out of 10 ICS security practitioners lack visibility or sufficient supporting intelligence into their ICS networks, which is one of the primary impediments to securing these systems. Ransomware was newly identified as a top threat, along with the growing addition of devices to the network.

Despite the high-profile news coverage of recent attacks of unpatched systems, SANS found that only 46% of respondents regularly apply vendor-validated patches. An astounding 12% neither patch nor layer controls around critical control system assets.

Bengt Gregory-Brown, survey author, noted, "Changes in ICS/SCADA environments have historically come at a pretty slow pace, but this pace is accelerating with IT/OT convergence, and the speed of change is challenging everyone working with these systems to keep up or accept growing levels of risk."

Survey responders placed the highest priority on keeping OT systems reliable and available.

"With nearly 69% of ICS security practitioners saying threats to the ICS systems are high or severe and critical, it becomes clear that companies must pay attention at the highest levels to ensure the safety, reliability and integrity of their company's control systems," said Doug Wylie, director of the Industrials & Infrastructure Practice Area at SANS Institute.

SANS and experts will share results of the survey during a two-part webcast Tues., July 11 and Wed., July 12 at 1:00 p.m. EDT. The webcasts are sponsored by Great Bay Software, Nozomi Networks, PAS, Tempered and TripWire.

Register to attend the webcasts at www.sans.org/webcasts/103727 and www.sans.org/webcasts/103792.

Those who attend the webcasts receive early access to the associated whitepaper, which will be posted and available at www.sans.org/reading-room/whitepapers/analyst after the live webcasts.


#ICS security: more attacks, focus on protecting data & systems, budgets steady: @SANSICS survey results webcast July 11, 12 www.sans.org/webcasts/103727

About SANS Institute

The SANS Institute was established in 1989 as a cooperative research and education organization. SANS is the most trusted and, by far, the largest provider of cyber security training and certification to professionals at governments and commercial institutions world-wide. Renowned SANS instructors teach over 60 different courses at more than 200 live cyber security training events as well as online. GIAC, an affiliate of the SANS Institute, validates a practitioner's qualifications via over 35 hands-on, technical certifications in cyber security. The SANS Technology Institute, a regionally accredited independent subsidiary, offers master's degrees in cyber security. SANS offers a myriad of free resources to the InfoSec community including consensus projects, research reports, and newsletters; it also operates the Internet's early warning system—the Internet Storm Center. At the heart of SANS are the many security practitioners, representing varied global organizations from corporations to universities, working together to help the entire information security community. (https://www.sans.org)