Improvement in Cybersecurity Practices Across ICS/OT – SANS 2024 Survey Results

The latest findings from the SANS 2024 State of ICS/OT Cybersecurity Survey have revealed a positive shift in cybersecurity practices across industrial control systems (ICS) and operational technology (OT) environments. The survey, presented by Jason D. Christopher, a SANS certified instructor and survey author, highlighted significant improvements in the security posture of organizations using ICS/OT cybersecurity standards and threat intelligence to guide their programs.

One of the key takeaways from the survey was the increased emphasis on detection capabilities, with more organizations implementing OT-specific monitoring tools to bolster visibility into critical networks. Additionally, there was a notable rise in the adoption of cloud-based ICS/OT solutions, showcasing a growing acceptance of cloud technologies in traditionally conservative industries.

However, despite these advancements, the survey also uncovered critical gaps in preparation and workforce readiness. Only a small percentage of respondents reported preparing for cyber incidents using range environments with ICS/OT-specific tools, highlighting a need for more robust incident response plans in the industry.

Jason Christopher emphasized the growing importance of ICS/OT security and acknowledged the progress made by the industry in maturing its cybersecurity practices. However, he also emphasized the need for continued efforts to address the disparities between leading organizations and those lagging behind in securing critical infrastructure.

Overall, the survey provided valuable insights into the evolving landscape of ICS/OT cybersecurity, highlighting both achievements and areas that require further attention and improvement.