The data shows major security gaps remain in key areas such as plain-text passwords, direct connections to the internet, and weak anti-virus protections. Although the prevalence of Windows XP and other legacy Windows systems has decreased year-over-year — driven top-down by management in the aftermath of NotPetya’s financial damage — CyberX is still finding unpatchable Windows systems in slightly more than half of all industrial sites.
Unlike questionnaire-based surveys, the CyberX report is based on analyzing real-world traffic from production ICS networks, making it a more accurate representation of the current state of ICS security. Now in its second year, the report is based on data captured over the past 12 months from more than 850 production ICS networks across six continents and all industrial sectors including energy and utilities, manufacturing, pharmaceuticals, chemicals, and oil and gas.
According to Andy Bochman, senior grid strategist for national and homeland security at the Idaho National Laboratory (INL) and a nationally recognized cybersecurity expert: “If you are in critical infrastructure you should plan to be targeted. And if you’re targeted, you will be compromised. It’s that simple.”
But that doesn’t mean nothing can be done. Ruthless prioritization is key. Many problems exist, but not all of them need to be solved at once. In the report, CyberX lays out a series of eight steps towards protecting an organization’s most essential assets and processes. These include: continuous ICS network monitoring to immediately spot attempts to exploit unpatched systems before attackers can do any damage; threat modeling to prioritize mitigation of the highest consequence attack vectors; and more granular network segmentation.
"We’re not here to create FUD, but we think it’s important for business leaders to have a data-driven view of ICS risk so they can ask the right questions,” said Dan Shugrue, senior director of industrial cybersecurity for CyberX. “We’re definitely making progress in reducing ICS risk, but we have a long way to go. Reducing ICS risk is a journey — most of these ICS networks were designed decades ago, long before cybersecurity was a key design priority.”
CyberX delivers the only industrial cybersecurity platform built by blue-team military cyber-experts with nation-state expertise defending critical infrastructure. That difference is the foundation for the most widely-deployed platform for continuously reducing ICS risk and preventing costly production outages, safety failures, and environmental incidents.
Notable CyberX customers include 2 of the top 5 US energy providers; a top 5 US chemical company; a top 5 global pharmaceutical company; and national electric and gas utilities across Europe and Asia-Pacific. Strategic partners include industry leaders such as Palo Alto Networks, IBM Security, Optiv Security, DXC Technologies, and Deutsche-Telekom/T-Systems.
Montner Tech PR
Photos accompanying this announcement are available at