“Attacks on control systems are on the rise.” But “budgets for cyber security in SCADA ICS environments remain very slim, and organizations continue to be dependent on limited resources and staffing to detect breaches and attacks,” said Matt Luallen, SANS Institute Analyst and author of a control system survey.
SANS released results of its 2014 Survey on control system security, in which 268 IT professionals answered questions about their overall risk awareness, trends in threats and breaches, and effective means to mitigate vulnerabilities with regard to supervisory control and data acquisition/industrial control system (SCADA/ICS).
In the year since SANS’ last survey on this topic, the number of entities with identified or suspected security breaches increased from 28 percent to almost 40 percent. Only 9 percent said they were sure they did not suffer a breach.
Organizations want to be able to protect their systems and assets, which include computer systems, networks, embedded controllers, control system communication protocols and various physical assets. Respondents also noted they strive to protect public safety; increase leadership risk awareness; and expand controls pertaining to asset identification, communication channels and centralized monitoring.
Still, quite a few organizations do not or cannot collect data from some of the most critical SCADA and ICS assets, and many depend on trained staff, not tools, to detect issues. The survey also found 16 percent of respondents have no process in place to detect vulnerabilities.
The survey did note a tighter merging of ICS security and IT security, which was once a huge barrier to overcome.
“Respondents indicated that ICS security is being performed by specialists reporting to both engineering and IT,” said Derek Harp, business operations lead for ICS programs at SANS. “This places a real priority on cross-departmental coordination, effectively bridging competencies and building (as well as assessing) skill in an organized manner.”