Employee errors or unintentional actions were behind 52 percent of incidents affecting operational technology and industrial control system (OT/ICS) networks last year, according to a new Kaspersky report “State of Industrial Cybersecurity 2019”.

The most common types of vulnerabilities within industrial control systems:

  • Misconfigurations (34.7 percent)
  • Vulnerabilities, patches and updates (26.7 percent)
  • Identity and access management (12.9 percent)
  • Insecure services enabled (7.9 percent)
  • Architecture and network segmentation (7.9 percent)
  • Encryption and authentication (5.9 percent)
  • Other (2 percent)

Key trends identified within the industry:

  • Greater public awareness of issues around industrial cybersecurity
  • Closer integration of OT and IT systems
  • The rapid proliferation of new and untested technologies
  • An increase in the number of cybersecurity regulations around the world
  • The growth of cyber insurance
  • The shortage of industrial cybersecurity skills

Top five technical problems observed within the industry: 

  1. Outdated and vulnerable software
  2. Inadequate network segregation
  3. Lack of system hardening
  4. Weak access control
  5. Insufficient logging and monitoring

Top five non-technical problems observed within the industry:

  1. Governance of cybersecurity in OT is low. 
  2. Staff training and security awareness
  3. Business continuity plan
  4. Third party management
  5. Incident response planning

How do attackers get in? The report says:

  • Vendors
  • Remote operations
  • IT/OT integration
  • Industrial Internet of Things (IIoT) sensors and gateways
  • Malware infection from removeable media
  • Poorly configured access points and modems