SANS ICS Survey Shows Increasing Threats, Fluctuating Investments in Training

By Larry O'Brien

Industry Trends

ARC reported on our new alliance with SANS last week, as well as our expanded cybersecurity program at the ARC Forum in Orlando for 2018. SANS, the leading source for cybersecurity training, operates the Internet Storm Center. The organization is also well known for its State of Industrial Control Systems (ICS) Security survey, which helps companies better understand how their cyber-awareness and preparedness compares to their peers in industry and where to make meaningful investments to address risk. You can see a summary of the 2016 ICS Survey results here.

sans logo.png

The results of the 2017 ICS survey are coming shortly, and SANS has provided ARC with a preview of some key findings. These will be discussed in more detail in an upcoming two-part webcast series.

“This year’s survey revealed that 35% of the respondents rate extortion, including ransomware, as a top threat—that is almost double from 2016,” said Doug Wylie, SANS Industrials & Infrastructure Portfolio Director. “Yet, when compared to other OT security initiatives, data suggests that budgets for security awareness as well as training/certifying ICS-security staff decreased in 2017. This indicates OT departments are having to make challenging decisions regarding when and where to spend their limited budgets.”

These results are powerful both for what they tell us about today’s state of security for industry and by showing how things have changed, or not changed, year-over-year. In ARC’s view, investment in cybersecurity training for industrial, infrastructure, and smart city end users is sorely lacking. Training, education, and proper certifications are a requirement; not a “nice to have”.

Register today for the SANS two-part webcast series:

“The 2017 State of Industrial Control System Security-Part 1: Personnel, Threats and Tools”
July 11, 1:00-2:00pm EDT (UTC-4)
Register here:

“The 2017 State of Industrial Control System Security-Part 2: Protection, Prevention and Convergence”
July 12 @ 1:00-2:00pm EDT (UTC-4)
Register here:

The 2017 State of Industrial Control System Security Report will be published following the two-part webcast series. Be one of the first to see this new report.

Engage with ARC Advisory Group