// 01 Executive summary
This SANS survey highlights critical ICS/OT cybersecurity risks, emphasizing that IT compromises are the leading initial attack vector for OT incidents (58%), followed by internet-accessible devices (33%) and transient devices (27%). Organizations must prioritize securing IT-OT interfaces, identifying and hardening internet-facing OT assets, and implementing strict controls for removable media to mitigate these prevalent threats. With 27% of organizations experiencing ICS/OT incidents annually, immediate action is required to enhance detection capabilities and response strategies across these identified vectors. Focus should be on continuous monitoring of IT-OT convergence points and robust asset management for internet-exposed and transient devices to prevent operational disruptions. These findings underscore the urgent need for adapted security processes to protect critical infrastructure from common attack pathways.
// 02 Key metrics
// ttps
2
ATT&CK techniques
// iocs
0
indicators
// actors
0
threat groups
// kwords
10
keywords
// 03 MITRE ATT&CK
// 04 Threat actors
// no actors matched
// 05 Indicators of compromise
// ips 0
none
// domains 0
none
// urls 0
none
// sha256 0
none
// md5 0
none
// emails 0
none
// cves 0
none
// 07 YARA rule
// No IOCs available for YARA rule generation
// 08 Keywords
{'keyword': 'ics', 'score': 22.706}
{'keyword': 'ot', 'score': 22.1162}
{'keyword': 'ics ot', 'score': 18.5646}
{'keyword': 'security', 'score': 16.3241}
{'keyword': 'budget', 'score': 14.221}
{'keyword': 'cybersecurity', 'score': 13.9754}
{'keyword': 'organizations', 'score': 11.9278}
{'keyword': 'critical', 'score': 9.8237}
{'keyword': 'controls', 'score': 9.3506}
{'keyword': 'respondents', 'score': 8.4225}