TMCnet News
Newest SANS Institute Survey of Industrial Control Systems Security Shows that Despite More Attacks, Security Is Not ImprovingBETHESDA, Md., June 22, 2016 /PRNewswire-USNewswire/ -- A SANS Institute survey examining industrial control systems security (ICS) has found that despite an increase in number and severity of attacks, security is not improving in many key areas, and planned security updates are behind schedule. The survey, Where Are We Now?: The SANS ICS Survey, polled security and IT staff and management working in supervisory control and data acquisition (SCADA) systems, distributed control systems, process control systems and building/automation control systems in North America, Europe and Asia for the third year. Respondents reported that they are shifting more security workload to external resources when doing security assessments and that budget allocations have increased. However, attackers remain ahead of the curve, with known breaches increasing in 2016. Professionals also reported that information about attacks is not being shared outside organizations, contributing to a lack of intelligence for defense. "Control systems are increasingly integrated with IT networks and assets, offering more breach opportunities and attack surfaces in the ICS environment," said Bengt Gregory-Brown, SANS analyst and survey report author. "Unfortunately, we are not seeing a commensurate improvement in the efforts or outcomes of ICS and SCADA security, as reported by the SANS survey respondents." While respondents reported that computer assets, connections and network devices were ranked as the most prone to compromise, only 4% thought the underlying software allowing these to communicate with ICS devices was most at risk. "We find the lack of concern withthis ubiquitous communication mechanism connecting IT and ICS assets troubling, as it is often targeted by bad actors. Attackers use it to pivot from the business network into the ICS," noted the report's co-author, SANS ICS Global Programs Director Derek Harp. Full results will be shared during a free webcast Wednesday, June 29, 1:00 p.m. Eastern, sponsored by Anomali, Arbor Networks, Belden and Carbon Black. Register to attend the webcast at www.sans.org/u/iL6 Those who register for the webcast will also receive access to the published results paper. Tweet this: SANS 2016 ICS Security Survey- "Despite more attacks, security is not improving" | 6/29 1pm ET | Register Now: www.sans.org/u/iKd SANS 2016 ICS Security Survey- How the state of ICS security has changed & emerging threats.| 6/29 1pm ET | www.sans.org/u/iKd About SANS Institute
To view the original version on PR Newswire, visit:http://www.prnewswire.com/news-releases/newest-sans-institute-survey-of-industrial-control-systems-security-shows-that-despite-more-attacks-security-is-not-improving-300288773.html SOURCE SANS Institute |