NEWS DESK

SANS 2024 ICS/OT Cybersecurity Survey Reveals Significant Progress

By PR News Desk

SANS Institute has released the findings of its highly anticipated SANS 2024 State of ICS/OT Cybersecurity survey, revealing significant strides in securing industrial control systems (ICS) and operational technology (OT) environments. Notably, the report sounds a clear warning that while some organizations are raising the bar, many are still leaving critical systems exposed, with significant gaps between the “haves” and the “have-nots” in ICS/OT security.

The survey, presented by SANS certified instructor and survey author Jason D. Christopher, revealed that organizations using both ICS/OT cybersecurity standards and threat intelligence to guide their program are lightyears ahead of their peers in terms of maturity and capabilities. Such organizations are quicker to detect cyber events, are more likely to have mapped all external connections to the industrial environment, and typically have ICS/OT-specific security operation centers (SOCs). In comparison, organizations without such guiding principles tend to lack central governance for industrial cyber risk management and lack basic capabilities, like a dedicated incident response plan.

For the first time since its inception, the 2024 State of ICS/OT Cybersecurity also examines historical trends over the past five years with some hopeful trends outlining improved security for industrial facilities. For example, in 2019 a majority of respondents that suffered an ICS/OT cybersecurity incident took, on average, 2-7 days to detect a compromise. Five years later, over half of respondents reported the same capability took less than 24 hours—a marked improvement for critical infrastructure asset owners and operators. Similarly, basic security protections like endpoint protection and multifactor authentication for remote access saw drastic increases in their deployments since 2019.

“There’s a growing recognition of the importance of ICS/OT security, and the good news is that the industry is maturing,” said Jason Christopher. “We’re seeing more time, resources, and strategy being allocated to protect these systems. However, the gaps we’re identifying, particularly around ICS/OT-specific security operations and visibility into industrial environments, highlight that we still have a lot of work to do.”

Key Findings of the 2024 Survey Include:

  • Improved Detection Capabilities: In 2019, OT-specific monitoring was used by only 33% of respondents seeing a significant jump to 52% in 2024—highlighting the importance in visibility for these critical networks.
  • Significant Gaps in Preparation and Workforce: Only a small percentage (34%) of respondents prepare for cyber incidents using range environments with ICS/OT-specific tools. Combined with the majority (51%) of respondents protecting these systems without a relevant certification, and there’s cause for concern when examining how prepared security teams are in recovering from an industrial cyber incident.
  • Growing Adoption of Cloud Solutions: Despite concerns, cloud-based ICS/OT solutions saw a +15% increase in adoption, especially in non-regulated environments.
  • Limited AI Adoption: AI remains largely experimental, with few organizations applying it to ICS/OT due to lack of use cases and safety/reliability concerns.

“The gap between security leaders and the rest of the industry is growing,” Christopher continued. “We see some organizations doing incredible work, leveraging both industry standards and ICS-specific threat intelligence to improve security posture. Still, many others are just beginning to grasp the complexity of securing these critical environments and this disparity poses a major risk as interconnectedness increases.”

These findings and more will be explored in depth during the SANS 2024 ICS/OT Cybersecurity Survey Webcast on October 9, 2024, at 10:30 AM EDT. The webcast will feature survey author Jason Christopher, along with industry experts, offering actionable recommendations and analysis on strengthening ICS/OT security strategies. Registrants will also receive a complimentary copy of the survey whitepaper.

For more information and to register for the webcast, please visit: SANS 2024 ICS/OT Survey Webcast.

Tags:
PR News Desk

PR News Desk

Disclaimer: This press release, supplied by an external third-party provider, is not under the control of this website. The information is provided 'as is' and 'as available,' and has not been edited by this website. Neither this website nor its affiliates can guarantee the accuracy of the content or endorse the opinions expressed in this press release. This press release is intended solely to inform and educate. It does not offer tax, legal, or investment advice or provide any opinion on the suitability, value, or profitability of any specific security, portfolio, or investment strategy. Neither this website nor its affiliates will be held liable for any errors or inaccuracies in the content, nor for any actions you may take based on this information. Using the information in this press release, you agree to do so at your own risk. This website, its parent company, affiliates, directors, officers, employees, agents, advertisers, and content providers, shall not be liable for any direct, indirect, consequential, special, incidental, punitive, or exemplary damages, including but not limited to lost profits, savings, or revenues, whether arising from negligence, tort, contract, or any other legal theory, even if advised of the possibility of such damages or if they could have been reasonably foreseen. Send press releases to press@menews247
Follow Me:

Related Posts

Disrupt-X, Intel, and Rekeep Sign MoU to Advance AI-Driven Sustainable Infrastructure across the GCC, Europe, and Asia

By PR News Desk

MBRF honors trainers and participants of Dubai International Writing Program workshops

By

Aster DM Healthcare launches myAster in Saudi Arabia

By PR News Desk