When it comes to critical infrastructure, 40% of cyber-defenders are working blind and would not be able to detect an attack, let alone find out where it is coming from and remediate it in a reasonable amount of time.
According to research from SANS Institute, four out of 10 industrial control security practitioners lack visibility into their ICS networks—a statistic that becomes even more concerning when one takes into account the fact that 69% say threats to the ICS systems are high, or severe and critical. Unprotected devices, nation-state attacks and ransomware are ranked top threats.
While there has been some progress in protecting critical assets and infrastructure, new challenges have emerged. For instance, despite almost daily news coverage of recent attacks on unpatched systems, SANS found that only 46% of respondents regularly apply vendor-validated patches; and 12% neither patch nor layer controls around critical control system assets.
“The survey confirms practitioners’ intent to move beyond the basics of prevention because industrial intrusion detection tops the list of new technologies they most want to implement,” said Andrea Carcano, co-founder at Nozomi Networks, which sponsored the report. “It’s clear ICS cybersecurity is maturing as operators recognize the likelihood of infiltration and seek early warning to improve resiliency.”
“With more and more unprotected devices making their way into operational networks, and with ransomware, hacktivism and nation state attacks on the rise, owners of critical infrastructure can no longer afford to gamble with weaknesses in ICS security,” added Nozomi Networks CEO Edgard Capdevielle. “Fortunately, CISOs are taking notice, security budgets are growing and a new generation of ICS security solutions is available to help.”