Every second ICS company experienced between one and five IT security incidents last year. On average, ineffective cybersecurity costs industrial organisations up to $497K (383K) per year. Despite high awareness about new threats such as targeted attacks and ransomware, the biggest pain point for the majority of ICS organisations is still conventional malware: this tops the list of incident experience concerns with 56 per cent of respondents considering it to be the most concerning vector. Internal threats are more dangerous than external threats, but what is done internally has a direct path without a firewall in between.”]