"The Biggest Threat to ICS/OT Is a Lack of Prioritization"

Findings from a survey conducted by the SANS Institute suggest that cyberattackers have a robust understanding of Operational Technology (OT) and Industrial Control System (ICS) engineering, as they have executed attacks that can gain access and impact operations. Of the survey participants, 61 percent revealed that there is a gap in the perception of cybersecurity risks faced by their ICS facilities between OT/ICS cybersecurity front-line teams and other members of the organization. When asked about the most concerning threat categories, 50 percent of the respondents cited ransomware as the biggest threat. Adversaries are targeting ICS operations with ransomware because such operations could lead to higher and faster payouts. Facilities are urged to ensure that OT/ICS defenders are knowledgeable about their control systems and the ever-changing threat landscape. Defenders must also increase efforts to improve ICS network visibility and monitor abnormalities in the control system traffic. This article continues to discuss key findings from the survey regarding the gap in perception around ICS risks, ransowmare as the biggest threat to OT, challenges associated with ICS security resources, and the importance of improving ICS system and network visibility. 

Help Net Security reports "The Biggest Threat to ICS/OT Is a Lack of Prioritization"