Threats to industrial control systems are becoming increasingly widespread, according to a new survey from cybersecurity firm Kaspersky Lab and Business Advantage that found over half of the companies sampled reporting at least one cyberattack in the last 12 months.
One-in-five respondents experienced two incidents within the 12-month window.
Data gathered comes from 359 industrial cybersecurity practitioners in 21 countries that completed online surveys between February 2017 and April 2017.
The top observed threat remains conventional malware, which played a part in 53 percent of actual incidents, followed by targeted attacks, such as spear phishing to more sophisticated advanced persistent threats. The top perceived threats are third-party supply chain/partners and sabotage/intentional damage from other external sources.
This has led three-in-four companies to expect a cyberattack to happen to them, though 83 percent feel prepared to combat an incident.
Organizations might not be as ready as they believe themselves to be, however, considering the fact that the anti-malware solutions already implemented by 67 percent of respondents still allowed for so many incidents.
Increasing the frequency of issuing patches/updates could contribute to protection from incidents like the WannaCry pandemic, but the increased attack surface and access granted to external parties by growing enterprises complicates matters.
Therefore, risk management is being recognized as a growing priority, but finding properly trained staff and reliable external partners to implement cybersecurity tops the challenges of companies that acknowledge financial loss is shown to decrease in organizations that have security awareness programs for staff, contractors and partners.
Looking at the survey’s findings, the top risk factors appear to be the access of external parties, a lack of compliance with industry/government regulations and the use of wireless connections. This has led companies to express support for some level of mandatory reporting and governance to help bring about more transparency to help develop frameworks to address the risks.
Some factors that appear to help mitigate threats include documented cybersecurity programs being set in place; regular security assessments/audits being conducted; vulnerability scans and patch deployments happening biweekly at minimum; unidirectional gateways being installed between control systems and the rest of the network; anti-malware solutions being installed for industrial endpoints; industrial anomaly detection tools, intrusion detection and intrusion prevention tools being used; and staff and contractors being given regular security awareness training.
The entire survey can be accessed by filling in a form on the Kaspersky blog.