The latest research from Indegy found that nearly 60% of executives at critical infrastructure operators polled in a recent survey claim they lack the necessary security controls to protect their environment from potentially devastating security threats.
The study found that 57 of the 100 executives surveyed do not feel confident that their enterprise or other infrastructure organizations are in full control of operational technology (OT) security.
This is due in part to several contributing factors, including lack of visibility. 35% of respondents claim to have little visibility into the current security state within their environment, and 23% claim to have no visibility at all. Additionally, 63% of respondents claim that insider threats and misconfigurations represent the biggest security risks their organizations are currently facing.
The good news? Nearly 44% of respondents claim their organization plans to increase spending for industrial control systems (ICS) security measures in the next 12-24 months.
The Industrial Internet Consortium recently releases its Endpoint Security Best Practices whitepaper aimed at simplifying IoT security and also highlights the much-needed need for visibility and control within an OT environment.
This survey highlights the lack of preparedness amongst the energy, utilities, and manufacturing industries. Achieving security is impossible without real-time continuous monitoring and visibility into system configurations. NNT recommends implementing Closed Loop Intelligent Change Control to gain visibility of system configuration changes and to spot unusual activity that could represent an attack.
Read the article on InfoSecurity Magazine