SANS Report: The State of OT/ICS Cybersecurity in 2022 and Beyond

Key challenge cited: “traditional IT security technologies are not designed for ICS and cause disruption in OT environments.” 

The Industrial Control System and Operational Technology security community is experiencing cyberattacks that go beyond those seen historically. Given the impact on ICS/OT environments, fighting these attacks requires a different set of security skills, technologies, processes, and methods to manage the various risks and attack surfaces. This sets ICS apart from traditional IT environments.

The SANS ‘State of ICS/OT Cybersecurity in 2022 and Beyond’ report presents the responses of 332 ICS/OT organizations representing a range of industrial verticals across the ICS/OT community.

In this report, you will also learn more about: 

  • A shift in the responsibility for implementing security controls in ICS/OT 
  • A more dedicated focus on ICS operations 
  • A significant uptake in ICS-specific threat intelligence for active threat-hunt defense 
  • Continued adoption of the MITRE ATT&CK for ICS framework

OT/ICS practitioners shared their experience with the number of security incidents they’ve had in the past 12 months:

[Figure: OT/ICS Security Incidents in the Past 12 Months]

Operational Technology’s Cybersecurity Mission White Paper

The Power of XONA: Supporting Operational Technology’s Cybersecurity Mission

In the past few years, there has been explosive growth in the targeting of OT infrastructure. The new reality is that today’s threat actors are targeting weaknesses in the OT environment through open ports, lack of proper OT network segmentation, lack of MFA on points of access, and back doors opened by third-party vendors.

Recently, the technology research and consulting company Gartner predicted that the financial impact of OT attacks will reach $50 billion by 2023, including a variety of costs from insurance, regulatory fines, litigation, and compensation. They also forewarned that most CEOs will be personally liable for such incidents.

To combat the range of risks before an incident occurs, industrial organizations must adopt a forward-thinking OT security strategy that addresses these upward trends of the modern world.

In this paper, you will learn more about:

  • Gartner’s framework for security controls for OT
  • How to protect connected assets with the required authentication and authorization within the NIST Zero Trust Architecture
  • Additional risk mitigation strategies, from enhanced forensics to monitored user access


Mitigate Ransomware Attacks White Paper

Mitigate the Risk of Ransomware Attacks Against Critical Infrastructure with XONA


Malicious cyber actors are targeting and attacking critical infrastructure, including industrial control systems, at an increasingly rapid pace. Ransomware attacks targeting operational technologies pose a significant safety and economic threat to organizations and the general public.

Corporate leadership is faced with a dilemma of how to mitigate the exposure to ransomware attacks on OT control systems without impacting operations. Effectively, OT systems need a Zero-Trust, secure operational gateway for user access with Multi-Factor Authentication (MFA), flexible role and time-based user and vendor access controls as well as full session logging, monitoring and recording.

In this paper, you will learn more about:

  • How to mitigate ransomware attacks on OT control systems without impacting operations
  • The top 5 peer-recommended steps to mitigating attacks against critical infrastructure
  • The wide-ranging benefits of implementing a solution that addresses the 5 recommended steps


Zero-Trust IIoT White Paper

The Case for Zero-Trust Access for the Industrial Internet of Things

The convergence of IT and OT unlocks valuable data from Industrial Control Systems and provides more operational visibility to make better business decisions, but it also provides nefarious actors access into industrial control networks. Many OT systems have not been properly safeguarded through updated operating system patches, protocol isolation, strong encryption and multi-factor authentication, or network and user access monitoring.

Over half of all industrial sites use unpatchable operating systems such as Windows XP, according to a recent CyberX survey. Many systems that can accept patches are patched only infrequently, introducing a host of potential ways to compromise control systems. The last several years have seen some of the most dangerous cybersecurity attacks of all time.

A “zero-trust” approach for access to OT systems needs to be employed to not only maintain reliable industrial processes but also safeguard civilization.

In this paper, you will learn more about:

  • What a zero-trust framework includes
  • Specific implementations needed for a zero-trust framework
  • How these implementations can work to protect OT data


Remote Plant Operations White Paper

How to Securely Transition to Remote Plant Operations in Response to Today’s Challenges

A myriad of complex market forces and a unique set of challenges have converged over the last decade, leading to the rapid adoption of new digital solutions in power plants. The growing use of renewables and digitization of the grid have put competitive pressure on traditional gas-operated power plants to evolve in order to be more competitive.

A key part of this evolution is finding new ways to securely operate from a remote environment. As new challenges have emerged, the need for secure remote operations has only accelerated.

In this paper, you will learn more about:

  • The challenges driving this change
  • How power plants have typically operated and why that is no longer sufficient in today’s world
  • The solutions needed to combat these changes
  • The components that make up secure remote operations
