CIO Influence
CIO Influence News Security Technology

2024 SANS ICS/OT Cybersecurity Survey: Progress Made, Gaps Persist in Critical Infrastructure Security

2024 SANS ICS/OT Cybersecurity Survey: Progress Made, Gaps Persist in Critical Infrastructure Security

SANS Institute - Wikipedia

Survey Shows Improvement in Cybersecurity Practices Across Industrial Control Systems (ICS) and Operational Technology (OT) But Emphasizes Need for Enhanced Response Capabilities

SANS Institute has released the findings of its highly anticipated SANS 2024 State of ICS/OT Cybersecurity survey, revealing significant strides in securing industrial control systems (ICS) and operational technology (OT) environments. Notably, the report sounds a clear warning that while some organizations are raising the bar, many are still leaving critical systems exposed, with significant gaps between the “haves” and the “have-nots” in ICS/OT security.

Also Read: CIO Influence Interview with Rafee Tarafdar, EVP and Chief Technology Officer, Infosys

The survey, presented by SANS-certified instructor and survey author Jason D. Christopher, revealed that organizations using both ICS/OT cybersecurity standards and threat intelligence to guide their program are lightyears ahead of their peers in terms of maturity and capabilities. Such organizations are quicker to detect cyber events, are more likely to have mapped all external connections to the industrial environment, and typically have ICS/OT-specific security operation centers (SOCs). In comparison, organizations without such guiding principles tend to lack central governance for industrial cyber risk management and lack basic capabilities, like a dedicated incident response plan.

For the first time since its inception, the 2024 State of ICS/OT Cybersecurity also examines historical trends over the past five years with some hopeful trends outlining improved security for industrial facilities. For example, in 2019, a majority of respondents who suffered an ICS/OT cybersecurity incident took, on average, 2-7 days to detect a compromise. Five years later, over half of respondents reported the same capability took less than 24 hours—a marked improvement for critical infrastructure asset owners and operators. Similarly, basic security protections like endpoint protection and multifactor authentication for remote access saw drastic increases in their deployments since 2019.

“There’s a growing recognition of the importance of ICS/OT security, and the good news is that the industry is maturing,” said Jason Christopher. “We’re seeing more time, resources, and strategy being allocated to protect these systems. However, the gaps we’re identifying, particularly around ICS/OT-specific security operations and visibility into industrial environments, highlight that we still have a lot of work to do.”

Also Read: TuumIO Partners with Storj for Advanced Distributed Cloud Storage

Key Findings of the 2024 Survey Include:

Improved Detection Capabilities: In 2019, OT-specific monitoring was used by only 33% of respondents seeing a significant jump to 52% in 2024—highlighting the importance in visibility for these critical networks.
Significant Gaps in Preparation and Workforce: Only a small percentage (34%) of respondents prepare for cyber incidents using range environments with ICS/OT-specific tools. Combined with the majority (51%) of respondents protecting these systems without a relevant certification, and there’s cause for concern when examining how prepared security teams are in recovering from an industrial cyber incident.
Growing Adoption of Cloud Solutions: Despite concerns, cloud-based ICS/OT solutions saw a +15% increase in adoption, especially in non-regulated environments.
Limited AI Adoption: AI remains largely experimental, with few organizations applying it to ICS/OT due to lack of use cases and safety/reliability concerns.

“The gap between security leaders and the rest of the industry is growing,” Christopher continued. “We see some organizations doing incredible work, leveraging both industry standards and ICS-specific threat intelligence to improve security posture. Still, many others are just beginning to grasp the complexity of securing these critical environments and this disparity poses a major risk as interconnectedness increases.”

These findings and more will be explored in depth during the SANS 2024 ICS/OT Cybersecurity Survey Webcast on October 9, 2024, at 10:30 AM EDT. The webcast will feature survey author Jason Christopher, along with industry experts, offering actionable recommendations and analysis on strengthening ICS/OT security strategies. Registrants will also receive a complimentary copy of the survey whitepaper.

[To share your insights with us as part of editorial or sponsored content, please write to psen@itechseries.com]

Related posts

AMD Expands HPC Fund to Aid Researchers Solving the World’s Toughest Challenges

AVCtechnologies Announces Filing of Resale Registration Statement as Part of Funding Plan

CIO Influence News Desk

Swiss National Supercomputing Centre, Hewlett Packard Enterprise and NVIDIA Announce World’s Most Powerful AI-Capable Supercomputer

CIO Influence News Desk