Employee errors or unintentional actions were behind 52 percent of incidents affecting operational technology and industrial control system (OT/ICS) networks last year, according to a new Kaspersky report “State of Industrial Cybersecurity 2019”.
The most common types of vulnerabilities within industrial control systems:
- Misconfigurations (34.7 percent)
- Vulnerabilities, patches and updates (26.7 percent)
- Identity and access management (12.9 percent)
- Insecure services enabled (7.9 percent)
- Architecture and network segmentation (7.9 percent)
- Encryption and authentication (5.9 percent)
- Other (2 percent)
Key trends identified within the industry:
- Greater public awareness of issues around industrial cybersecurity
- Closer integration of OT and IT systems
- The rapid proliferation of new and untested technologies
- An increase in the number of cybersecurity regulations around the world
- The growth of cyber insurance
- The shortage of industrial cybersecurity skills
Top five technical problems observed within the industry:
- Outdated and vulnerable software
- Inadequate network segregation
- Lack of system hardening
- Weak access control
- Insufficient logging and monitoring
Top five non-technical problems observed within the industry:
- Governance of cybersecurity in OT is low.
- Staff training and security awareness
- Business continuity plan
- Third party management
- Incident response planning
How do attackers get in? The report says:
- Vendors
- Remote operations
- IT/OT integration
- Industrial Internet of Things (IIoT) sensors and gateways
- Malware infection from removeable media
- Poorly configured access points and modems
