1、SurveySANS ICS/OT Cybersecurity Survey:2023s Challenges and Tomorrows DefensesWritten by Dean ParsonsSeptember 20232023 SANS Institute2SANS ICS/OT Cybersecurity Survey:2023s Challenges and Tomorrows DefensesExecutive SummaryThe ICS threat landscape continues to change,influenced by increased targeti

2、ng of critical infrastructure with ransomware and by the discovery of an ICS-specific scalable attack framework in recent times.1 Mature facilities are embracing the differences between IT and ICS/OT,then deploying specific ICS-aware technology,pursuing trained defenders,and focusing on dedicated IC

3、S security efforts.The evolution of targeted threats against critical infrastructure and ransomware events affecting ancillary ICS services send a clear message to the community.That message is:Proactive control system defense is required to preserve safety of operations.Whats more,a well-designed,I

4、CS-specific,defense-in-depth security program is not a nice-to-have,it is essential.Reactive-only organizations,that is,organizations waiting for already deployed preventive controls to be compromised or to fail,are at a disadvantage from the outset because adversaries have the means,methods,and mot

5、ives to cause disruptive and destructive consequences to engineering systems that could negatively impact the safety of people(when adversaries use living-off-the-land attack techniques,for example).ICS cybersecurity defenders and leaders must be proactive.That is,they should assume defense-in-depth

6、 controls will fail,and push their team toward ICS threat hunting and making changes that reduce the ability of adversaries to living-off-the-land.This 2023 ICS/OT Cybersecurity Survey addresses key questions,trends,and challenges,and puts forth best practices for practical control system cybersecur