The SANS report makes it clear that organisations are investing in cybersecurity. Here are the key takeaways:
1.There is a high Industrial Control System (ICS) cybersecurity risk
About 50% of this year’s respondents have rated it high or severe. 62% believe that people are the greatest threat when it comes to compromising security. At the same time, less than 25% of respondents fear phishing.
2.ICS security postures are increasingly more mature
ICS threats seem to be taken seriously by most organisations. 51% of respondents resort to using active monitoring to detect any potential cybersecurity threats. Compared to 2017, only 50% view ICS security threats as severe or critical (down from 69% in the last year).
3.Operations Technology (OT)/IT convergence seems to be the norm
It looks like organisations are embracing OT/IT convergence, with 65% of respondents claiming that the collaboration level is at least on a moderate level. 27% claim that IT and OT initiatives have been made a priority for this year.
4.Mobile and wireless are the underestimated cybersecurity threats
Despite the fact that 37% of OT control system connections are wireless, respondents do not view them as a cybersecurity threat. Mobile devices are replacing traditional desktop computers and that makes them risk areas for traditional desktops.
Of course, this is just a fraction of the statistics available from the full report. If you’re interested in it, head on over to Sans’ official website to grab it.