A new report titled SANS 2021 OT/ICS Cybersecurity Report contains alarming information gathered from 480 individuals in various industries. Organizations that use operational technology (OT) and industrial control systems (ICS) are very concerned about cyber attacks.
The findings highlight the need for businesses to improve the ability to anticipate and respond to emerging threats and opportunities. While many are taking precautions to reduce risks, they are unaware if the breaches already occurred within their organization. To summarize the findings:
- Approximately 70% of respondents indicated that the risk to their operational technology environment was high or severe.
- With many companies concerned about cyber risk in their operating environment, 48% of respondents did not know whether they had encountered a breach of operational technology or control system security in the previous year.
- Only 12% believe that their systems have not been hacked, and 15% are willing to suffer security mishaps, many of which cause business interruption.
The following are the most frequently cited responses to the attack vectors used in the situations they encountered:
- Compromised technical workstations: 18%
- Removable media: 24%
- Spear phishing: 26%
- Internet-accessible devices: 28%
- The use of publicly available applications: 32%
- External remote services: 36%
According to the authors of the study, effective defense of OT environments requires a multi-layered and integrated strategy that considers both internal and external risks, understands the vulnerability to these threats, and prioritizes mitigation actions through people, processes, and technology to address identified risks.