Nozomi Networks-Sponsored SANS Survey Finds Security Defences are Getting Stronger as Cyber Threats to OT Environments Remain High
Posted: Tuesday, Nov 01

i 3 Table of Contents

Nozomi Networks-Sponsored SANS Survey Finds Security Defences are Getting Stronger as Cyber Threats to OT Environments Remain High

SYDNEY, October 31, 2022ย โ€”ย Nozomi Networks Inc.,ย the leader in operational technology (OT) and IoT security, today announced theย SANS 2022 OT/ICS Cybersecurity Reportย finds industrial control systems (ICS) cybersecurity threats remain high as adversaries set their sights on control system components. In response, organisations have significantly matured their security postures since last year. In spite of the progress, more than a third (35%) donโ€™t know whether their organisations had been compromised and attacks on engineering workstations doubled in the last 12 months.

โ€œIn the last year, Nozomi Networks researchers and the ICS cybersecurity community have witnessed attacks likeย Incontrollerย move beyond traditional targets on enterprise networks, to directly targeting OT,โ€ said Nozomi Networks Co-founder and CPO Andrea Carcano. โ€œWhile threat actors are honing their ICS skills, the specialised technologies and frameworks for a solid defence are available. The survey found that more organisations are proactively using them. Still, thereโ€™s work to be done. We encourage others to take steps now to minimise risk and maximise resilience.โ€

ย 

ICS Cybersecurity Risks Remain High

  • 62% of respondents rated the risk to their OT environment as high or severe (down slightly from 69.8% in 2021).
  • Ransomware and financially motivated cybercrimes topped the list of threat vectors (39.7%) followed by nation-state sponsored attacks (38.8%). Non-ransomware criminal attacks came in third (cited by 32.1%), followed closely by hardware/software supply chain risks (30.4%).
  • While the number of respondents who said they had experienced a breach in the last 12 months dropped to 10.5% (down from 15% in 2021), 35% of those said the engineering workstation was an initial infection vector (doubling from 18.4% last year).
  • 35% did not know whether their organisations had been compromised (down from 48%) and 24% were confident that they hadnโ€™t had an incident, a 2x improvement over the previous year.
  • In general, IT compromises remain the dominant access vector (41%) followed by replication through removable media (37%).

ย 

ICS Cybersecurity Postures are Maturing

  • 66% say their control system security budget increased over the past two years (up from 47% last year).
  • 56% say they are now detecting compromises within the first 24 hours of an incident (up from 51% in 2021). The majority (69%) say they move from detection to containment within 6 to 24 hours.
  • 87.5% have conducted a security audit of their OT/control systems or networks in the past year (up from 75.9% last year) โ€“ one-third (29%) have now implemented a continual assessment program.
  • The overwhelming majority (83%) monitor their OT system security. Of those, 41% used a dedicated OT SOC
  • Organisations are investing in ICS training and certification: 83% of respondents are professional control system certification holders โ€“ a significant jump from 54% in the last 12 months.
  • Nearly 80% have roles that emphasise ICS operations up from 50% in 2021.

###

To learn more about the latest trends in OT/ICS cybersecurity:

About Nozomi Networks
Nozomi Networks is accelerating the pace of digital transformation by pioneering innovation for industrialย cyber securityย and operational control. Leading the industry, we make it possible to tackle escalating cyber risks to operational networks. In a single solution, Nozomi Networks delivers OT visibility,ย threat detectionย and insight to thousands of the largest critical infrastructure, energy, manufacturing, mining, transportation and other industrial sites around the world.ย www.nozominetworks.com

About SANS Institute

The SANS Institute was established in 1989 as a cooperative research and education organisation. SANS is the most trusted and, by far, the largest provider of training and certification to professionals at governments and commercial institutions world-wide. Renowned SANS instructors teach over 50 different courses at more than 200 liveย cyberย securityย trainingย events as well as online. GIAC, an affiliate of the SANS Institute, validates employee qualifications via 30 hands-on, technicalย certifications in information security. The SANS Technology Institute, a regionally accredited independent subsidiary, offersย master’s degrees inย cyberย security. SANS offers a myriad of free resources to the InfoSec community including consensus projects, research reports, and newsletters; it also operates the Internet’s early warning system–the Internet Storm Centre. At the heart of SANS are the many security practitioners, representing varied global organisations from corporations to universities, working together to help the entire information security community. (www.SANS.org)

Press Contacts:

Jil Backstrom
jil.backstrom@nozominetworks.com
Tel. +1 303.913.1650

ย 

Follow theย Nozomi Networks Blog

Followย @nozominetworksย on Twitter

Visit and follow theย Nozomi Networks Corporate Pageย on LinkedIn

Nozomi Networks
Nozomi Networks is the leader in OT & IoT security for critical infrastructure. Their platform uniquely combines network and endpoint visibility, threat detection, and AI-powered analysis for fast, effective incident response. Customers around the world rely on Nozomi Networks to minimize risk and complexity while maximizing operational resilience.
Share This