A recent SANS survey polled more than 200 security professionals from energy and utilities, oil and gas, and manufacturing organizations. Fewer than 5% of those in operational technology (OT) roles said they were confident in their company's ability to secure these infrastructures.
Respondents further said they lack appropriate IIoT monitoring capabilities. In fact, 32% of organizations surveyed said they have IIoT devices connected directly to the Internet, bypassing the very layers deployed to secure the environment. The threat of external attacks reaching OT networks is no longer science fiction; it is happening now, both directly to the network and via lateral creep of attacks from IT to OT environments.
Among those surveyed, less than 30% have OT-specific monitoring capabilities. Without visibility, it’s virtually impossible to detect an attack until it’s too late. IP suites can monitor network traffic, but not the integrity of controllers and other devices on the network. Only two out of five respondents indicated they apply and maintain current patches and updates on devices. Fully sixty percent are not using device-level patching to protect IIoT devices and systems. This means that devices which could be secured remain vulnerable to exploits – and they don’t have to be.
These results are concerning but are consistent with what we are seeing in customer engagements. Namely, it is extremely difficult to monitor and secure OT environments without domain-specific knowledge and tools.
Fortunately, Indegy is the originator of a new category of products that can provide in-depth visibility into, and security and control of, industrial networks. Using a hybrid technology approach (i.e. both passive and active monitoring), access to all assets, including "blind spots", is achievable.
With Indegy Device Integrity, you can monitor both industrial controllers and other devices in the network. It also provides a 360-degree view to detect unauthorized activities and threats early in the kill chain - before damage occurs.
The complete 2018 SANS Industrial IIoT Security Survey is available here (PDF). To see a demonstration of the value of Indegy Device Integrity, click on this link.
Indegy, a leader in ICS cybersecurity, protects critical infrastructure from cyber threats, malicious insiders and human error. The Indegy Cyber Security Suite arms operational technology teams with full visibility, security and control by combining hybrid, policy-based monitoring and network anomaly detection with unique device integrity checks.