Four out of 10 industrial control security practitioners don’t have proper visibility into their ICS networks. This is according to a new study by the SANS Institute.
Based on a poll of ICS practitioners and cybersecurity stakeholders across various verticals, including energy, manufacturing, oil and gas, the report says that 40 percent of defenders are actually working blind to detect a cyber attack.
And by “working blind” the report refers to finding out where the attack is coming from and trying to remediate it in a “reasonable” amount of time.
“That statistic is even scarier,” the report says, “when you take into account that 67 percent say threats to the ICS systems are high, or severe and critical.”
There are four types of threats that are perceived as the biggest ones. First, adding devices that can’t protect themselves on the network. Then, there are internal incidents spurred by accidental actions, and external threats from hacktivists and state-funded attackers.
And finally, there’s extortion, more commonly referred to as ransomware.