Critical Infrastructure Security

Significant ICS/OT security spending decline reported

SecurityWeek reports that organizations across the IT, energy, and government sectors had significantly lower budgets for industrial control systems and operational technology cybersecurity this year, compared with 2022. Moreover, the rate of organizations that did not have any ICS/OT cybersecurity rose from 7% to over 21% between 2022 and 2023, according to a SANS Institute survey. However, more than 60% reported considering investments in systems that would bolster control system asset visibility within the next 18 months, while 30% expressed plans to strengthen their control system networks' anomaly and intrusion detection systems. Most respondents also reported that their penetration testing systems have been targeted at devices on Level 3 and DMZ of the Purdue Model, while threat intelligence for strengthening OT security posture was mostly obtained through public data. "Although some facilities may be in a low budget cycle for 2023, it's imperative that they continue focusing on their ICS cybersecurity roadmap. This means spending on what will provide the highest return to reduce the highest known risks," said SANS.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.