Cybersecurity budgets for industrial control systems and operational tech increasing: SANS Institute
Nozomi Networks and the SANS Institute released a survey showing that companies are investing more in industrial control system (ICS) cybersecurity to match the increasingly elaborate cyber threat landscape.
The 2021 SANS ICS/OT survey got 480 responses, with 47% reporting that their ICS security budgets increased over the past two years. Another 32% said there had been no change.
Nearly half of respondents said they did not know if their organizations had suffered from a cybersecurity incident while just 15% admitted that they had one in the last 12 months.
Of those who did say they dealt with cybersecurity incidents, more than half said they were able to detect compromise between 6-24 hours. Thirty percent were able to detect compromise in under six hours.
Almost 20% said the engineering workstation was an initial infection vector. About half cited "external connections" as the dominant access vector while 36% mentioned remote access services as a prevalent reported initial access vector for incidents.
Surprisingly, nearly 70% of respondents rated risk to their environment high or severe, a significant increase compared to the 51% seen in 2019. More than half cited ransomware, cybercrime and nation-state attacks as the top threat vectors. More than 31% of respondents said unprotected devices were also a major concern.
Thankfully, about 70% of respondents said they have some form of monitoring program in place for OT security and nearly 76% said they have conducted a security audit of their OT/control systems or networks in the past year.