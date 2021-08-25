U.S. markets close in 57 minutes

  • S&P 500

    4,498.34
    +12.11 (+0.27%)
     

  • Dow 30

    35,430.17
    +63.91 (+0.18%)
     

  • Nasdaq

    15,050.95
    +31.15 (+0.21%)
     

  • Russell 2000

    2,249.10
    +18.19 (+0.82%)
     

  • Crude Oil

    68.44
    +0.90 (+1.33%)
     

  • Gold

    1,794.30
    -14.20 (-0.79%)
     

  • Silver

    23.90
    +0.01 (+0.03%)
     

  • EUR/USD

    1.1777
    +0.0017 (+0.14%)
     

  • 10-Yr Bond

    1.3390
    +0.0490 (+3.80%)
     

  • GBP/USD

    1.3761
    +0.0032 (+0.24%)
     

  • USD/JPY

    109.9900
    +0.3530 (+0.32%)
     

  • BTC-USD

    48,945.72
    +759.73 (+1.58%)
     

  • CMC Crypto 200

    1,230.51
    +19.98 (+1.65%)
     

  • FTSE 100

    7,150.12
    +24.34 (+0.34%)
     

  • Nikkei 225

    27,724.80
    -7.30 (-0.03%)
     

Nozomi Networks-Sponsored SANS Survey Finds Cyber Threats to OT Environments Continue to Rise–Severity Reaches All-Time High

Nozomi Networks
·5 min read

Industrial organizations are leveraging the cloud as they mature defenses and prioritize control system reliability

SAN FRANCISCO, Aug. 25, 2021 (GLOBE NEWSWIRE) -- Nozomi Networks Inc., the leader in OT and IoT security, today announced the SANS 2021 OT/ICS Cybersecurity Report finds ICS cybersecurity threats remain high and are growing in severity. In response, a growing majority of organizations have significantly matured their security postures since the last SANS OT/ICS survey in 2019. In spite of the progress, almost half (48%) don’t know whether their organizations had been compromised. The Nozomi Networks-sponsored survey echoes Nozomi Networks’ own experiences with customers worldwide.

“It’s concerning to see that nearly half of this year’s survey respondents don’t know if they’ve been attacked when visibility and detection solutions are readily available to provide that awareness,” said Nozomi Networks Co-founder and CPO Andrea Carcano. “Threats may be increasing in severity, but new technologies and frameworks for defeating them are available and the survey found that more organizations are proactively using them. Still, there’s work to be done. We encourage others to adopt a post-breach mindset pre-breach and strengthen their security and operational resiliency before an attack.”

ICS Cybersecurity Risks are Rising in Number and Severity
Cyber threats to OT environments continue to rise and threat severity is at an all-time high.

  • Most respondents (69.8%) rated the risk to their OT environment as high or severe (up from 51.2% in 2019).

  • Ransomware and financially motivated cybercrimes topped the list of threat vectors (54.2%) followed by nation-state sponsored cyberattacks (43.1%). Unprotected devices and things added to the network came in third (cited by 31.3% of survey respondents).

  • Of the 15% of survey respondents who indicated they had experienced a breach in the last 12 months, a concerning 18.4% said the engineering workstation was an initial infection vector.

  • Nearly half of all respondents (48%) did not know whether their organizations had been compromised and only 12% were confident that they hadn’t had an incident.

  • In general, external connections are the dominant access vector (49%) with remote access services identified as the most prevalent reported initial access vector for incidents (36.7%).

ICS Cybersecurity Postures and Technologies have Matured and Are Evolving
This year’s survey found most organizations are taking ICS threats seriously and making solid progress in maturing their security postures to address them. Over the last two years organizations have improved monitoring and threat intelligence capabilities. They are moving away from traditional indicator-based defense capabilities and moving toward threat hunting and hypothesis-based security models. They’re also focusing on data loss prevention.

  • 47% say their control system security budget increased over the past two years.

  • Almost 70% have a monitoring program in place for OT security.

  • 51% say they are now detecting compromises within the first 24 hours of an incident. The majority say they move from detection to containment within 6 to 24 hours.

  • 75.9% have conducted a security audit of their OT/control systems or networks in the past year and almost a third (29.5%) have now implemented a continual assessment program.

  • 50% say they have vendor-provided ICS-specific threat intelligence feeds and there is less reliance (36%) on IT threat intelligence providers.

  • OT SOC adoption is up by a sharp 11% from 2019 to 2021, re-emphasizing the focus away from traditional indicator-based defense capabilities and more toward a threat hunting and hypothesis-based security model.

  • Data loss prevention technologies also saw a sharp increase in deployment (11%).

  • As process reliability becomes a top concern, 34% say they’re implementing zero-trust principles and an additional 31% say they plan to.

ICS is Getting Cloudy
Adoption of cloud-native technologies and services transformed the IT industry. This year’s survey found similar impacts are also beginning to be felt in the OT environment.

  • 40.1% of all survey respondents indicate they are using some cloud-based services for OT/ICS systems.

  • Almost all (91%) are using cloud technologies to directly support ICS operations (combining remote monitoring configuration and analysis; cloud services supporting OT; and remote control/logic).

  • All respondents using cloud technologies are using cloud services for at least one type of cybersecurity function (company NOC/SOC, business continuity and MSSP support).

  • Respondents consider cloud assets relatively secure, with only 13% of responses classifying them as risky.

To learn more about the latest trends in OT/ICS cybersecurity:

About Nozomi Networks
Nozomi Networks accelerates digital transformation by protecting the world’s critical infrastructure, industrial and government organizations from cyber threats. Our solution delivers exceptional network and asset visibility, threat detection, and insights for OT and IoT environments. Customers rely on us to minimize risk and complexity while maximizing operational resilience. www.nozominetworks.com

About SANS Institute
The SANS Institute was established in 1989 as a cooperative research and education organization. SANS is the most trusted and, by far, the largest provider of training and certification to professionals at governments and commercial institutions world-wide. Renowned SANS instructors teach over 50 different courses at more than 200 live cyber security training events as well as online. GIAC, an affiliate of the SANS Institute, validates employee qualifications via 30 hands-on, technical certifications in information security. The SANS Technology Institute, a regionally accredited independent subsidiary, offers master's degrees in cyber security. SANS offers a myriad of free resources to the InfoSec community including consensus projects, research reports, and newsletters; it also operates the Internet's early warning system--the Internet Storm Center. At the heart of SANS are the many security practitioners, representing varied global organizations from corporations to universities, working together to help the entire information security community. (www.SANS.org)

Press Contacts:
Jil Backstrom
jil.backstrom@nozominetworks.com
Tel. 303.913.1650

Danielle Ostrovsky
ostrovsky@hi-touchpr.com
Tel. 410-302-9459

Follow the Nozomi Networks Blog
Follow @nozominetworks on Twitter
Visit and follow the Nozomi Networks Corporate Page on LinkedIn


Recommended Stories

  • 3 Unstoppable Healthcare Stocks to Buy Now

    In the highly regulated healthcare sector, there are more than a few companies that are miles ahead of their nearest competitors. This company provides drugmakers and other businesses in highly regulated industries with cloud-based services. Veeva Systems began with customer relationship management (CRM) software from Salesforce.com (NYSE: CRM) but didn't stop there.

  • Man steals hundreds of thousands of personal pictures from people’s iPhones by pretending to work for Apple

    A man stolen hundreds of thousands of personal photos and videos from people’s iPhones, the FBI has said. The hacker posed as an Apple customer service representative to gain access to people’s iCloud photos, the report said. As such, Apple’s servers themselves were not hacked, and they stayed securely within iCloud.

  • Bitcoin Price Prediction – It’s Back to $48,500 or sub-$47,000 for the Bulls

    It’s been a bearish morning for Bitcoin and the broader market. Bitcoin would need to move back through to $48,500 levels to support a run at the resistance levels…

  • Is Cisco Stock A Buy? Analyst Day Slated For Sept. 15 Amid Shift To Software, Services

    A rebound in Cisco stock is largely tied to corporate spending on information technology as the Covid-19 emergency eases. Cloud computing sales are up but 5G wireless has yet to kick in.

  • Google brings Samsung 5G modem tech to U.S. market with new Pixel phone -sources

    Google will tap Samsung Electronics Co Ltd to supply the 5G modem for its next flagship Pixel smart phone, sources familiar with the matter told Reuters, signaling the first win for the Korean firm in a U.S. market dominated by Qualcomm Inc. Earlier this month, Google disclosed that it has designed its own processor chip to power its new Pixel 6 and Pixel 6 Pro high-end phones, ending its complete reliance on Qualcomm, which will still supply chips for the lower-priced Pixel 5A.

  • This could be Apple’s next $20 billion business

    Apple Inc. could turn advertising into its next $20 billion business as the company ramps up its offerings and clamps down on ad targeting by third parties.

  • Cybersecurity Stocks Rally On Palo Alto Earnings Beat Amid Ransomware Attacks

    The best cybersecurity stocks to own is changing amid a shift to remote work and cloud security. Now ransomware attacks are impacting budgets.

  • Ethereum, Litecoin, and Ripple’s XRP – Daily Tech Analysis – August 25th, 2021

    It’s been a bullish start to the day for the majors. Failure to move through the day’s pivot levels, however, would leave support levels in play…

  • Apple Stock Has Thrived During Tim Cook’s First Decade as CEO. What About the Next 10?

    The technology company has seen its fundamentals and share price rocket up even as it pushes out a steady parade of new and improved products.

  • Bitcoin Google Searches Hit 9-Month Low, Cardano Surges

    According to data from Google Trends, the search frequency for the phrase "Bitcoin" has fallen to a 9-month low. Moreover, the long-term chart suggests that the current bull market has not even broken through the peak of the previous cycle in late 2017.

  • Samsung Beats TSM, Intel With Latest Move - Read How?

    Bloomberg reports that the Samsung Group launched a 240 trillion won ($205 billion) expansion initiative to hire 40,000 people to expand its next-generation technologies lead over three years. The announcement follows Samsung leader Jay Y. Lee's release on parole. Lee faced imprisonment for the second time for bribing to win support for his formal succession at the conglomerate. Samsung Electronics Co Ltd (OTC: SSNLF) and Samsung Biologics will drive research and spending in telecommunications,

  • Apple’s iPhone Sales Will Grow Faster Than Anybody Thinks, Says Analyst

    When Apple (AAPL) reported fiscal Q3 2021 earnings late last month, it delivered one of its biggest earnings beats in recent memory. Instead of the $1.01 per share that analysts had forecast, Apple earned a solid $1.30, an "earnings beat" of 29% -- but one analyst thinks that could be only the beginning. JPMorgan analyst Samik Chatterjee added $5 to his price target on Apple stock -- now at $180 a share, ~20% above current prices -- and reiterated an "overweight" rating on the shares to boot. (T

  • Shares Of Cisco Systems Inc. (CSCO) Exceed 52-Week High

    Cisco Systems Inc. (NASDAQ: CSCO) traded at a new 52-week high today of $58.98. Approximately 2.7 million shares have changed hands today, as compared to an average 30-day volume of 15 million shares. Cisco Systems, Inc. is the world’s largest hardware and software supplier within the networking solutions sector. The infrastructure platforms group includes hardware and software products for switching, routing, data center, and wireless applications. Its applications portfolio contains collaborat

  • Apple’s Secret Weapons For Growing Revenue: Advertising and Search

    A pair of research notes on Wednesday highlight how both areas should provide a material boost to top-line growth, while also noting a few associated risks.

  • Dogecoin Is A Dangerous Speculative Joke Controlled By Whales: Report

    The Dogecoin (CRYPTO: DOGE) blockchain sees little use, and on-chain data suggests that it is largely controlled by a handful of wealthy entities. What Happened: According to a Motley Fool report, Dogecoin's "blockchain is a ghost town compared to other cryptocurrencies in the market cap top 10. The report claims that "almost no one's using Dogecoin." Per the report, despite the coin being the seventh biggest crypto by market cap, it only recorded just over 23,000 daily transactions on Aug. 9, w

  • 2 Cathie Wood Growth Stocks to Buy Now

    Popular asset manager Cathie Wood continues to crush the market. Ark's Next Generation Internet ETF is up 41% over the past year, topping the 31% return of the S&P 500. And among the 49 positions in the fund, PayPal (NASDAQ: PYPL) and Unity Software (NYSE: U) stand out.

  • Dogecoin Attempts To Rebound After Strong Sell-Off

    Dogecoin gains some ground while Bitcoin is trying to settle back above $48,000.

  • Biden Urges CEOs to Improve Nation’s Cybersecurity After Attacks

    (Bloomberg) -- President Joe Biden urged a group of chief executive officers to help improve cybersecurity across the nation’s critical infrastructure and economy, citing a lack of trained professionals to adequately protect the U.S.“Our skilled cybersecurity workforce is not growing fast enough to keep pace,” Biden said Wednesday at a meeting with chief executives including Apple Inc.’s Tim Cook, Alphabet Inc.’s Sundar Pichai, Amazon.com Inc.’s Andy Jassy, Microsoft Corp.’s Satya Nadella, and J

  • Comparing Dogecoin, Baby Doge and Shiba Inu: Is There One To Watch?

    Bitcoin has been the most popular and well-known cryptocurrency since it literally began the asset class in 2009. However, as speculative fervor has broken out among many markets over the past few...

  • Ethereum, Litecoin, and Ripple’s XRP – Daily Tech Analysis – August 24th, 2021

    Following Monday’s bullish session, a return to yesterday’s highs would support a breakout day for the majors.