The Control System Cyber Security Association International (CS)2AI, the premier global non-profit organization for Control Systems (CS) and Operational Technology (OT) professionals, and KPMG announced today the release of their first annual CS/OT Cyber Security Report.
The report focuses not only on the threats to CS/OT environments from security breaches, but also on the steps being taken by successful CS/OT security practitioners around the world. “The survey reveals a clear relationship between the failure to focus on the data and metrics needed to enhance security, as well as inadequate levels of maturity for OT security programs,” says Derek Harp, Founder and Chairman of (CS)2AI. “For example, our survey reveals that less than 25% of companies have incorporated an active defense of their control systems and assets.” This report, the first of multiple research products our organization is proud to initiate, offers insight into points of failure and areas of success in this industry.”
Read More : SalesTechStar Interview with Jaime Bettencourt, SVP of Global Account Management at Mood Media
Key report findings revealed
Notable findings based on the analysis of organizations with more mature CS security programs, versus those with less mature programs, reveals that the former:
1. Use managed CS security services much more often: 47 percent vs 6 percent
2. Conduct end-to-end security assessments more frequently: 53 percent vs 36 percent
3. Frequently replace vulnerable CS hardware or software after assessment: 63 percent vs 34 percent
4. Monitor all CS networks: 53 percent vs 16 percent
The (CS)2AI-KPMG Control System Cyber Security Report was developed to provide decision support tools enabling CS cyber security practitioners and management to make best-informed and prioritized decisions regarding the protection of critical assets. For example, the report reveals a mismatch between security spending priorities and return on investment of past allocations, as well as critical success factors common to the most mature cyber security programs.
In collaboration with a team of strategic industry partners, including title partner KPMG and other report supporters including Waterfall Security Solutions, Palo Alto Networks, SecurityWeek, Fortinet, and Airbus Cyber, the report collects and analyzes key data around: (1) CS security events, (2) trends in attack activities and protective technologies, and (3) how organizations are adapting to ongoing challenges including the limited talent pool of skilled workers.
Read More : The Art of Persuasion in a COVID-19 World