What is the current state of OT/ISC cybersecurity?

An annual survey from the SANS Institute reveals that the practice of ISC security is continuing to mature

The SANS Institute’s has released its annual OT/ICS Cybersecurity Survey, which explores the current state of OT/ISC cybersecurity.

The SANS Institute has released its annual OT/ICS Cybersecurity Survey, which explores the current state of OT/ISC cybersecurity. While cyberattacks and data breaches are on the rise, ISC cybersecurity is reportedly maturing.

The state of OT/ISC cybersecurity

Overall, SANS surveyed 338 respondents including security and other professionals working or active in enterprise IT or operational control systems. 70% of respondents came from organisations with operations in the United States, while 49% were in Europe and 39% in Asia.

Out of this pool, just over 50% perceived the level of OT/ICS cyberrisk to their company’s overall risk profile as severe, critical, or high. In comparison, 69% of respondents reiterated this sentiment in the last survey conducted in 2017.

Moreover, 62% said that “people” present the greatest risk for compromise to an organisation’s OT/control systems. 22% of respondents indicated that “technology” posed the greatest risk, while just 14% stated that “process” was the riskiest element.

ICS cybersecurity is maturing

Above all, the survey demonstrates a growing maturity in identifying potential risk and detecting and remediating actual events. Organisations are now prioritising and committing to increasing OT/control system and network security.

Despite the current challenges, the survey also found that the practice of ICS cybersecurity is maturing. Indeed, 69% of respondents conducted an security audit of their OT/control systems or networks in the past year.

47% also leveraged an external consulting firm or service provider in order to access an independent assessment. Almost 60% consulted internal resources when they have detected signs of an infection or infiltration of their control system cyber assets or network.

This maturity is also evident in the time it took organisations to detect anomalies, which decreased between 2017 and 2019. Although the real value for dwell time is perhaps unknown, there is a clear positive trend toward shorter detection times.

Check out our latest episode of Tech Chat, in which we took a trip to Infosec Europe 2019 to discover the latest industry insights in the world of cybersecurity