"ICS Cybersecurity Report: Control Systems Remain Highly Targeted by Threat Actors as Organizations Forced to Rapidly Mature Programs"
According to the 2022 SANS OT/ICS Cybersecurity Report, hackers continue to show a strong interest in Industrial Control Systems (ICS), but organizations are much more prepared following the high-profile incidents of 2021. However, this is not a universal trend, as 35 percent of organizations are still unable to determine if they have been compromised, and 17 percent are still not monitoring Operational Technology (OT) system security. Nozomi Networks, a cybersecurity leader, and the SANS Institute, a leading research and training organization, conducted the survey, incorporating the feedback of over 330 ICS cybersecurity managers, analysts, and architects from firms all over the world. In 2021, criminal ransomware groups crossed the line into attacking critical infrastructure systems and attempting to cause physical, real-world damage, most notably with highly disruptive attacks on Colonial Pipeline and the meat-packing giant JBS. According to the 2022 ICS Cybersecurity Report, the industry is responding to these incidents by being better prepared and more willing to budget for ICS cybersecurity overall. However, many organizations are still vulnerable and face challenges in catching up with the threat landscape. The majority of organizations now consider ICS threats to be extremely serious. Twenty-two percent rated them as "critical," while 41 percent rated them as "high," indicating a slow but steady increase over the years. According to the survey, 80 percent of security professionals now have a role that emphasizes ICS (up from 50 percent the previous year), showing an increasing awareness that the worlds of standard Information Technology (IT) security and ICS cybersecurity are significantly different and require different skill sets. The majority of respondents who split their time between ICS and a business role say that ICS now takes precedence. Respondents also shared their top individual ICS cybersecurity challenges, revealing that integrating aging legacy systems with modern IT networks was the top concern. This has been a persistent problem because industrial equipment is generally designed to last for decades and did not begin anticipating Internet-based threats until recently. Concerns were also expressed about how modern IT systems still need to be designed to interface with industrial equipment and control systems. Another major concern is a lack of IT personnel who understand OT operational requirements, as well as a lack of labor to implement existing security plans. This article continues to discuss key findings from the 2022 SANS OT/ICS Cybersecurity Report.