It is our intent, and the intent of SANS ICS as a whole, to not only gain information and report on the state of industrial control system (ICS) security, but also to contribute toward improving that condition. Unfortunately, this report contains some disappointments on this score. Analysis of survey data collected between January and April 2016 indicates that security for ICSes has not improved in many areas and that many problems identified as high-priority concerns in our past surveys remain as prevalent as ever. In this report, therefore, we focus on identifying and prioritizing recommendations to address the greatest concerns.
Control systems increasingly permeate all aspects of modern societies. Several ongoing and accelerating trends of networking devices together have grown from niche tech geek topics to general public awareness. Driven by market forces and technological considerations, the wired and wireless web of consumer devices, often referred to as the Internet of Things (IoT), and the interconnection of industrial equipment, termed the Industrial Internet of Things (IIoT), encounter each other with greater and greater frequency as we approach a hypothetical future state of total connectivity, the Internet of Everything (IoE), and the distinctions between them tend to blur.
In this survey we focused on the security of clearly industrial control systems: the supervisory control and data acquisition systems (SCADA), distributed control systems (DCS), process control systems (PCS) and building automation/control systems (BAS/BCS) used to manage automated manufacturing, pharmaceutical processing and food production, as well as critical infrastructure, such as water, oil and gas, energy, utilities, and aerospace and defense networks. Systems that manage traffic, transit and transportation, and keep the lights on, the data flowing, and the water clean and running—all out of the public eye—are the highest priority. SANS took on the task of investigating and improving ICS security several years ago, by forming the SANS ICS Security practice to develop and deliver training and by launching the first annual survey in 2013.
2015 Energy Industry Cybersecurity Report
Strategic Cybersecurity: A Toolkit for Prioritizing, Coordinating, and Transforming Your Cybersecurity Program