Ask an Expert
Tel: +1-281-673-2800
Find an Office
Email Us

The Biggest Cyber Threat to ICS/OT: A Lack of Prioritization – SANS and ABS Group Report

SANS and ABS Group Research - Cyber Attackers are Actively Targeting OT/ICS Environments

View the results of a new survey from SANS Institute, "Threat-Informed Operational Technology Defense: Securing Data vs. Enabling Physics." The ABS Group-sponsored research reveals that cyber attackers have demonstrated a robust understanding of operational technology (OT) and industrial control system (ICS) engineering and have conducted attacks that gain access and negatively impact operations and human safety.

"This research concludes that industrial control systems can no longer be ignored. Organizations that take a 'copy and paste' approach to applying IT security tools, processes and best practices into an OT/ICS environment can expect problematic consequences."

SANS Institute Survey

Did you know that cyber attackers are actively targeting OT/ICS environments? Your critical systems are at high risk and demand priority from IT security. 

Download the full SANS Institute survey of nearly 300 security technology professionals now.

Request Access

Key Report Findings Include: 

Gap in Perception around ICS Risks at Different Levels within the Organization

61% of survey participants indicate a gap exists in the perception of cybersecurity risk to their ICS facilities between OT/ICS cybersecurity front-line teams and other parts of the organization. Of these, 35% indicate the gap is between senior management and the OT/ICS cybersecurity front-line teams.

Ransomware is the Biggest Threat to OT

The industrial community is seeing ransomware with increasingly sophisticated variants that have the capability to cause more disruption to system assets and process flows. When asked about the threat categories of most concern, 50% of respondents place ransomware at the top.

ICS Security Resources are Challenged, Even more so than IT

Security teams are commonly resource-challenged in IT, but even more so in ICS, where additional security and engineering knowledge is required to perform effective ICS active cyber defense. 47% of ICS organizations do not have internal dedicated 24/7 ICS security response resources to manage OT/ICS incidents, and just a slightly lower percentage (46%) of ICS organizations do have this function, leaving 7% unsure of their current state.

ICS System and Network Visibility Warrants Improvement, Investments are Planned 

65% indicate their visibility is limited for control systems, while only 22% have the visibility needed to defend against modern threats, and 7% have no visibility into their control systems.


The SANS research demonstrates a clear call to action: “Critical infrastructure is targeted by cyber adversaries who have demonstrated their knowledge and desire to cause real-world consequences from cyber-attacks. ICS/OT facilities are advised to establish, maintain and mature an ICS Active Cyber Defense."

-Dean Parsons, Lead Researcher, SANS Institute


Why ABS Consulting?

We're the Experts.

ABS Consulting provides a comprehensive portfolio of OT cybersecurity consulting, implementation and risk management services. We help organizations, like yours, identify and mitigate critical cyber threats in real-time. We focus on stopping the bad guys so you can focus on what really matters: Your Operations.

Back to top