SANS Survey on Control Systems Security

  • Webcast Aired Tuesday, 01 Apr 2014 1:00PM EDT (01 Apr 2014 17:00 UTC)
  • Speakers: Matthew Luallen, Derek Harp, Marc Blackmer, Paul Asadoorian, Jason Ostermann, Billy Rios

Results for the SANS 2014 SCADA Survey will also be presented at the 9th Annual ICS/SCADA Security Orlando Summit & Training to be held March 17 and 18, 2014. More information on the summit, including agenda, pre-summit courses, and exciting bonus events can be found at the following link: https://www.sans.org/event/north-american-ics-scada-summit-2014

This second survey on the state of security in control systems will follow key trends introduced in our first survey on SCADA security published in 2013. In that survey, responses from nearly 700 participants revealed the following:

  • Slightly greater than 40% of respondents had their control systems hacked, suspected they were hacked and couldn't prove it, or didn't know.
  • Their biggest concerns were targeted malware like Stuxnet, followed by insider threat and hacktivism.
  • Most were protecting computer assets (80%) and network devices (81%), while only 35% were focusing security on inherently vulnerable control system protocols
  • NIST was the most used guide for industrial control systems security, whereas NERC CIP placed third.

Our 2014 State of Control Systems Security Survey examines new risks and threats that control system operators are concerned about today and what progress has been made in education, awareness and risk management.

Register for this webcast and be among the first to receive the associated survey report developed by SANS Analyst and SCADA/ICS expert Matthew Luallen.

Click here to view the associated whitepaper.