Industrial Control Systems (ICS), often referred to as Supervisory Control and Data Acquisition (SCADA) systems, monitor and control large industrial and infrastructure processes. Attacks against these systems, particularly energy-generation systems, are increasing and becoming more targeted against specific systems while also increasing in number.
SANS began examining this trend of attacks against SCADA and other control systems, publishing its first survey on SCADA and ICS security in June 2013. Results showed that respondents were having difficulty securing their control system environments and were beginning to experience breaches. Since then, the number of entities with identified or suspected security breaches increased from 28% in our 2013 survey to nearly 40%, based on this yearâ€™s survey findings. Taken online by 268 respondents, this nonscientific survey also indicates organizations are experiencing increased levels of concern over public safety and difficulties with visibility into their environments, including their vulnerabilities. It also points to the emergence of a new job definition that could bridge ICS and IT security roles.