Latest SANS Survey Finds ICS Security Risks Reach All-Time High

  • 69-percent rate ICS security threats as high or severe and critical
  • 40-percent lack visibility to know if their network has been breached
  • Unprotected devices, nation-states, ransomware ranked top threats

SAN FRANCISCO, July 05, 2017 (GLOBE NEWSWIRE) -- Nozomi Networks, the pioneer in real-time cybersecurity and operational visibility for industrial control systems (ICS), today announced ICS cybersecurity threats are growing and identifying attacks continues to be a major challenge according to the annual SANS Institute ICS survey set to be released next week. The survey, co-sponsored by Nozomi Networks and other industry leaders, finds that while there has been some progress in protecting critical assets and infrastructure, new challenges have emerged.

Four out of 10 ICS security practitioners lack visibility into their ICS networks, which is one of the primary impediments to securing these systems. Ransomware was newly identified as a top threat, along with the growing addition of devices to the network.

Despite almost daily news coverage of recent attacks on unpatched systems, SANS found that only 46% of respondents regularly apply vendor-validated patches; and 12% neither patch nor layer controls around critical control system assets.

While reliability and availability remain the highest priority for OT systems, 69% of ICS security practitioners believe threats to the ICS systems are high or severe and critical.

“The survey confirms practitioners’ intent to move beyond the basics of prevention because industrial intrusion detection tops the list of new technologies they most want to implement,” said Andrea Carcano, Nozomi Networks co-founder and renowned SCADA cybersecurity pioneer. “It’s clear ICS cybersecurity is maturing as operators recognize the likelihood of infiltration and seek early warning to improve resiliency.”

“With more and more unprotected devices making their way into operational networks, and with ransomware, hacktivism and nation state attacks on the rise, owners of critical infrastructure can no longer afford to gamble with weaknesses in ICS security,” said Nozomi Networks CEO Edgard Capdevielle. “Fortunately, CISOs are taking notice, security budgets are growing and a new generation of ICS security solutions is available to help. As an example, Nozomi Networks’ SCADAguardian was specifically designed to deliver the deep industrial network visibility and intrusion detection that survey respondents say they need. And SCADAguardian’s automated vulnerability assessment gives operators real-time access to device vulnerabilities, updates and patch requirements. As ICS experts, we understand the challenges operators face in securing their industrial networks, fortunately advances in technology are making it easier for them to reduce their risks and improve resilience.”

SANS and a group of experts, including Mr. Capdevielle, will share results of the survey during a webcast Tuesday, July 11.

Register to attend the webcast at

Sign up here to receive a copy of the full survey results and recommendations to be released on July 11.

About Nozomi Networks
Nozomi Networks is revolutionizing Industrial Control System (ICS) cybersecurity with the most comprehensive platform to deliver real-time cybersecurity and operational visibility. Since 2013 the company has innovated the use of machine learning and artificial intelligence to meet the unique challenges of critical infrastructure operations. Nozomi Networks delivers both cybersecurity and process anomaly detection along with industrial network visualization and monitoring, asset inventory, and vulnerability assessment. Deployed in the world’s largest industrial installations, customers benefit from enhanced cybersecurity and improved operational reliability with one end-to-end solution. Nozomi Networks is headquartered in San Francisco, California.   

About SANS Institute
The SANS Institute was established in 1989 as a cooperative research and education organization. SANS is the most trusted and, by far, the largest provider of training and certification to professionals at governments and commercial institutions world-wide. Renowned SANS instructors teach over 50 different courses at more than 200 live cyber security training events as well as online. GIAC, an affiliate of the SANS Institute, validates employee qualifications via 30 hands-on, technical certifications in information security. The SANS Technology Institute, a regionally accredited independent subsidiary, offers master's degrees in cyber security. SANS offers a myriad of free resources to the InfoSec community including consensus projects, research reports, and newsletters; it also operates the Internet's early warning system--the Internet Storm Center. At the heart of SANS are the many security practitioners, representing varied global organizations from corporations to universities, working together to help the entire information security community. (

Press Contact:
Jil Backstrom, Gamut Public Relations - 303.913.1650
Follow the Nozomi Networks Blog
Follow @nozominetworks on Twitter
Visit and Follow the Nozomi Networks Corporate Page on LinkedIn