SANS Industrial IoT Security Survey Finds Practitioners Struggling to Identify What's on Their Networks, How to Secure Things and Organizational Roles in IIoT Security
The Industrial Internet of Things (IIoT) has opened many security concerns, confusion about what constitutes an endpoint and unrealistic perspectives on protecting systems and data, according to the 2018 SANS Industrial IoT Security Survey report, available July 19.
More than half of those taking the SANS survey reported that the most vulnerable aspects of their infrastructure are data, firmware, embedded systems or general endpoints. At the same time, respondents indicated that the debate continues over the definition of an IIoT endpoint.
"The discrepancy in defining IIoT endpoints is the basis for some of the confusion surrounding responsibility for IIoT security," according to Doug Wylie, Director of the Industrials & Infrastructure Business Portfolio at SANS Institute. "Many practitioners likely are not adequately identifying and managing the numerous assets that in some way connect to networks—and present a danger to their organizations. For this reason, it is important for company IT and OT groups to agree to a common definition to help ensure they adequately identify security risks as they evolve their systems to adapt to new architectural models."
The survey uncovered other potential endpoint issues. For example, only 40% said they apply and maintain patches and updates to protect IIoT devices and systems, and 56% noted difficulty in patching as one of the greatest security challenges. Almost 40% said identifying, tracking and managing devices represented another significant security challenge.
Finally, the survey unveiled a chasm between the OT, IT and management perceptions of IIoT security. Only 64% of OT departments reported being somewhat-confident or confident in their ability to secure their IIoT infrastructure, as opposed to 83% of IT department respondents and 93% of company leaders.
"What really jumped out was the disparity in confidence as to how secure IIoT really is," said Barbara Filkins, SANS Analyst Program Research Director and survey report author. "This disparity represents a major cultural change in how industrial organizations must approach the security risks in a world of IIoT."
Full results will be shared during a July 19, 2018 webcast hosted by SANS at 1 PM EDT (UTC-4), sponsored by Accenture Security, ForeScout Technologies, Inc., and Indegy. Register to attend the webcast at www.sans.org/webcasts/106900
Those who register for the webcast will also receive access to the published results paper developed by Barbara Filkinswith input from Doug Wylie, Director of the Industrials & Infrastructure Business Portfolio at SANS Institute.