(MENAFN- Editorial) Dubai, UAE – 23 June, 2019–People remain the greatest threat to industrial control systems (ICS) and associated networks, according toa new SANS survey focused onbetter understanding cybersecurity risks to operational technology (OT) systems. More than half of respondents also see the cyber risksto their safe and reliable operations as highor higher than in pastyears.
Three hundred and forty-eight security professionals worldwide, representing IT, OT and hybrid IT-OTdomains provided their thoughts in the SANS 2019 State of OT/ICS Cybersecurity Survey.Sixty-two percent of those surveyed believe people are the greatest risk to cyber security compromise, trailed by technology (22%) and processes and procedures (14%).
“The obvious concern about the risk that people represent—whether they are malicious insiders, careless employees or nation-state bad actors—is consistent across industries,” noted survey co-author and SANS Senior Analyst Barbara Filkins. “We were a little surprised at the lower-rankingconcern around process, given that there is significant complexity involved in ICSdesign, implementation and operationto safeguard OT systems. It’s possible recent attacks that almost always include tried-and-true tactics that exploit human-factors might have impacted our respondents’ perceptions."
Survey takers told SANS thatidentifying connected assets and gainingvisibility into device, network and control system integrity remains an issue: 45.5% consider it a leading focus for their organisations. That aligns with traditional IT security concerns in which identifying and tracking assets and networks remains a challenge.Not surprisingly, mobile devices (including those used remotely to augment and replaceICS workstations), and wireless communications solutions are contributors to overall risks and threat exposure.
Survey co-author and director of SANS Industrials &Infrastructure business portfolioDoug Wylie said, “We know from previous SANS research that the addition of ‘things’ and mobile devices to ICS represents significant risk. We see in our newest results that practitioners strugglemightily with how to offset these mounting challenges.”
The growing adoption and movementto cloud services (40% of respondents indicated they use some cloud service) represents additional risks with exposure to new threats that need to be comprehended and addressed.Wylie added, “Hyperconnectivity and the rapid introduction of new technology within OT is providing tangible value, but the added complexity that comes with each continues to outpace the readiness of those tasked with safeguarding today’s systems from cyber threats.”
MENAFN2306201900703801ID1098674567
Legal Disclaimer:
MENAFN provides the information “as is” without warranty of any kind. We do not accept any responsibility or liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. If you have any complaints or copyright issues related to this article, kindly contact the provider above.