Close this search box.

ICS Security Risks Continue to Rise and Evolve


Basic security lapses are responsible for many cyberattacks. A worrying number of organizations are still neglecting to apply security patches regardless of the growing threats to systems and data.

SANS Institute’s annual survey of industrial control systems (ICS) security practitioners finds that threats are shifting, identifying attacks remains challenging, and some basic security practices are not implemented.

The fourth year of the survey found some improvements in protecting critical assets and infrastructure, while other challenges have emerged. For example, four out of 10 ICS security practitioners lack visibility or sufficient supporting intelligence into their ICS networks, which is one of the primary impediments to securing these systems. Ransomware was newly identified as a top threat, along with the growing addition of devices to the network.

Despite the high-profile news coverage of recent attacks of unpatched systems, SANS found that only 46% of respondents regularly apply vendor-validated patches. An astounding 12% neither patch nor layer controls around critical control system assets.

Bengt Gregory-Brown, survey author, noted, “Changes in ICS/SCADA environments have historically come at a pretty slow pace, but this pace is accelerating with IT/OT convergence, and the speed of change is challenging everyone working with these systems to keep up or accept growing levels of risk.”

Survey responders placed the highest priority on keeping OT systems reliable and available.

“With nearly 69% of ICS security practitioners saying threats to the ICS systems are high or severe and critical, it becomes clear that companies must pay attention at the highest levels to ensure the safety, reliability and integrity of their company’s control systems,” said Doug Wylie, director of the Industrials & Infrastructure Practice Area at SANS Institute.

SANS and experts will share results of the survey during a two-part webcast Tues., July 11 and Wed., July 12 at 1:00 p.m. EDT. The webcasts are sponsored by Great Bay Software, Nozomi NetworksPASTempered Networks and TripWire.

Register to attend the webcasts at and

WIll Sue of Gerent
Data Loss Prevention
Ransomware Attacks on Banks

Explore our topics