Incident Response

ICS/OT Incident Detection Accelerates, But Response Gaps Remain

Share
Credit: Adobe Stock Images

Industrial control system and operational technology environment compromise have been identified in less than a day by almost 60% of critical infrastructure sector organizations this year, which is a significant improvement from the same rate of respondents discovering such compromise between two and seven days in 2019, reports SecurityWeek.

Only 12% of critical infrastructure professionals disclosed ransomware attacks against their organizations during the past 12 months, with half of the intrusions affecting either the OT network alone or both IT and OT networks, while only 19% reported experiencing other cyberattacks over the same period, with IT compromise enabling OT system infiltration being the leading initial attack vector, according to the SANS Institute's 2024 State of ICS/OT Cybersecurity report.

Despite improvements in attack identification, only 56% noted the presence of ICS/OT-specific incident response plans within their organizations, with such plans mostly evaluated only once a year.

More frequent incident response plan testing was also associated with greater consideration of threat intelligence and other aspects of combating cyber threats.