A quarter of cybersecurity budgets to safeguarding critical infrastructure.
There are significant gaps in cybersecurity budgets amid a surge in attacks on OT and industrial control systems.
According to research by SANS Institute and OPSWAT, insufficient funding, misaligned priorities, and fragmented defences are leaving critical infrastructure exposed to increasingly sophisticated threats.
While 55 percent of organisations reported increased ICS/OT cybersecurity budgets over the past two years, much of that investment remains heavily skewed toward technology, with limited focus on operational resilience. Fewer than half of respondents allocate only 25 percent of their cybersecurity budgets to safeguarding critical infrastructure.
Also, over the past year, more than 50 percent of organisations experienced at least one security incident involving ICS/OT systems. Among the top vulnerabilities exploited were internet-accessible devices (33 percent) and transient devices (27 percent), often used to bypass traditional defences
Dean Parsons, principal instructor and CEO and principal consultant of ICS Defense Force said: “Effective critical infrastructure defence requires a strategic investment in ICS/OT-specific security training, ensuring that those responsible for monitoring ICS controls have a deep understanding of control system networks.
“Organisations that fail to re-evaluate their threats to their ICS environments leave critical infrastructure vulnerable to increasingly sophisticated attacks. Protecting these engineering systems isn’t optional—it’s essential for operational resilience and national security.”
Written by
Dan Raywood
Senior Editor
SC Media UK
Dan Raywood is a B2B journalist with more than 20 years of experience, including covering cybersecurity for the past 16 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Conference, BSides Scotland, Steelcon and ESET Security Days.
Outside work, Dan enjoys supporting Tottenham Hotspur, managing mischievous cats, and sampling craft beers.
