
2020 Global IoT/ICS Risk Report
A data-driven analysis of IoT/ICS vulnerabilities — from insecure networks and unmanaged devices — observed in 1,800+ production networks across diverse industries worldwide
Learn Why IoT/ICS Networks and Unmanaged Devices are Soft Targets For Adversaries
Now in its 3rd year, this data-driven analysis of real-world IoT/ICS vulnerabilities remains the only one of its kind.
Based on data collected in the past 12 months from 1,821 production IoT/ICS networks — across a diverse mix of industries worldwide — the analysis was performed using passive, agentless monitoring with patented deep packet inspection (DPI) and Network Traffic Analysis (NTA).
The data shows that IoT/ICS environments continue to be soft targets for adversaries, with security gaps in key areas such as:
- Outdated operating systems
- Unencrypted passwords
- Remotely accessible devices
- Unseen indicators of threats
- Direct internet connections
- No automatic AV updates
But that doesn’t mean nothing can be done. Ruthless prioritization is key. The report lays out a series of 7 practical steps for protecting your organization’s “crown jewel” assets, based on expert recommendations from NIST and INL.
Including data from previous reports, CyberX has now analyzed over 3,000 IoT/ICS networks worldwide. Unlike opinion-based surveys, this analysis is based on real-world network traffic — making it a more accurate representation of the current state of IoT security, ICS security, SCADA security, and OT security.
Get all the findings and expert recommendations.