Newest SANS Institute Survey of Industrial Control Systems Security Shows that Despite More Attacks, Security Is Not Improving

BETHESDA, Md., June 22, 2016 /PRNewswire-USNewswire/ — A SANS Institute survey examining industrial control systems (ICS) security has found that despite an increase in the number and severity of attacks, security is not improving in many key areas, and planned security updates are behind schedule.

The survey, Where Are We Now?: The SANS ICS Survey, polled security and IT staff and management working in supervisory control and data acquisition (SCADA) systems, distributed control systems, process control systems and building/automation control systems in North America, Europe and Asia for the third year.

Respondents reported that they are shifting more security workload to external resources when doing security assessments and that budget allocations have increased. However, attackers remain ahead of the curve, with known breaches increasing in 2016. Professionals also reported that information about attacks is not being shared outside organizations, contributing to a lack of intelligence for defense.

“Control systems are increasingly integrated with IT networks and assets, offering more breach opportunities and attack surfaces in the ICS environment,” said Bengt Gregory-Brown, SANS analyst and survey report author. “Unfortunately, we are not seeing a commensurate improvement in the efforts or outcomes of ICS and SCADA security, as reported by the SANS survey respondents.”

While respondents reported that computer assets, connections and network devices were ranked as the most prone to compromise, only 4% thought the underlying software allowing these to communicate with ICS devices was most at risk.

“We find the lack of concern with this ubiquitous communication mechanism connecting IT and ICS assets troubling, as it is often targeted by bad actors. Attackers use it to pivot from the business network into the ICS,” noted the report’s co-author, SANS ICS Global Programs Director Derek Harp.

Full results will be shared during a free webcast Wednesday, June 29, 1:00 p.m. Eastern, sponsored by Anomali, Arbor Networks, Belden and Carbon Black.

Register to attend the webcast at

Those who register for the webcast will also receive access to the published results paper.


About SANS Institute
The SANS Institute was established in 1989 as a cooperative research and education organization. SANS is the most trusted and, by far, the largest provider of training and certification to professionals at governments and commercial institutions world-wide. Renowned SANS instructors teach over 50 different courses at more than 200 live cyber security training events as well as online. GIAC, an affiliate of the SANS Institute, validates employee qualifications via 30 hands-on, technical certifications in information security. The SANS Technology Institute, a regionally accredited independent subsidiary, offers master’s degrees in cyber security. SANS offers a myriad of free resources to the InfoSec community including consensus projects, research reports, and newsletters; it also operates the Internet’s early warning system–the Internet Storm Center. At the heart of SANS are the many security practitioners, representing varied global organizations from corporations to universities, working together to help the entire information security community.


