Four out of 10 IT Managers Can`t Find the Source of Breaches, Study Says

Some 42% of IT managers said they were unable to identify the source of security breaches, while 32% of those who admitted having experienced a breach can’t say how often they were breached, according to a SANS Institute survey.

The increasing integration of IT into once-isolated operations technology systems is one of the top three threat vectors found by security professionals. 42% of respondents say the threat of attack from external actors is their biggest concern, while internal threats came second, followed by integration of IT into control system networks.

“The number of confirmed breaches is rising, but the limited ability of most ICS security systems to detect attacks, let alone reveal their source and type, is at least as big a problem as the number of attacks on operational technology systems,” according to Bengt Gregory-Brown, consultant to the SANS ICS program. “Lack of visibility into ICS systems is a problem, and one that’s growing with greater connectivity and the IT-OT integration.”

IT and ICS are converging with greater frequency than integration. Only 29% of respondents have begun implementing a strategy to manage that convergence securely, while 36% are developing a strategy and 18% have no strategy at all and don’t plan to develop one.

The SANS Institute survey included 206 companies, with 43% of respondents working for companies with 10,000 or more employees and 53% holding positions in their organization`s IT security operation.