ICS Security and Management of Change: Risks and Resilience
Whether dealing with scheduled upgrades or unexpected shifts in the operational environment, having a measurable control process is key to maintaining security and stability. This white paper explores the intersection of ICS security and management of change (MoC).
sans-dely-ics-security (PDF, 1.50MB)
15 Apr 2025Related Content
2026 SANS SOC Survey Insights: A Decade of Evolution in Cyber Defense
Research PaperSANS 2026 SOC Survey findings that dive into: where SOCs are investing, where they are struggling, and where the gap between high-performing teams and everyone else is widening.
- 15 Jun 2026
- Christopher Crowley
Securing the Sun: Impact-Effective Cybersecurity Controls for Solar SCADA
Research PaperBased on research conducted with a custom-built lab emulating a utility-grade solar SCADA network, this paper details the greatest impact on a solar site, in the form of physical consequences to power generation capabilities.
- 11 Jun 2026
- Wesley D. Barrier
OT Network Visibility and Detective Controls in a NERC CIP World
Research PaperAs cyber threats grow and regulations evolve, critical infrastructure must balance compliance and innovation.
- 20 Aug 2025
- Tim Conway
NERC CIP-015: Monitoring Deep Inside Critical Networks to Keep Adversaries Outside
Research PaperThe North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) Standards (hereinafter referred to as the Standards) require preventive controls to establish Electronic Security Perimeters (ESPs) containing Bulk Electric System (BES) Cyber Systems and to control communications in and out of those ESPs.
- 14 Aug 2025
- Tim Conway, Robert M. Lee
SANS 2025 Security Awareness Report
Research PaperNow in its 10th year, the SANS Security Awareness Report remains the definitive, practitioner-built resource for understanding and managing the human side of cybersecurity.
- 12 Aug 2025
- Lance Spitzner
Prioritized Industrial Cyber Defense in Oil and Gas
Research PaperSANS Institute developed a white paper exclusively for ONE-ISAC members to address the urgent cybersecurity challenges facing the oil and gas sector.
- 13 Jun 2025
- Dean Parsons
Be a DLP Hero: How to Quickly Deliver Value from Your DLP Program and Set It Up for Future Success
Research PaperDownload this paper and learn how to launch or strengthen your data loss prevention (DLP) program.
- 3 Jun 2025
- Kevin Garvey
Resiliency and Business Continuity in the Cloud Era
Research PaperIn this white paper, Dave Shackleford unpacks today’s evolving cloud threat landscape.
- 21 May 2025
- Dave Shackleford
SANS 2025 CTI Survey Webcast & Forum: Navigating Uncertainty in Today’s Threat Landscape
Research PaperThis paper explores results from the SANS 2025 CTI Survey, with insights into how cybersecurity...
- 20 May 2025
- Rebekah Brown, Andreas Sfakianakis
Collaborative Mobile App Security Development and Analysis
Research PaperIn this tactical, insight-rich review, Jeroen Beckers shares how to overcome mobile app security challenges and modernize your testing with Corellium’s virtual device platform—built for real-world conditions and faster results.
- 19 May 2025
- Jeroen Beckers
A Pebble In the Ocean: Maximizing Log Fidelity In Container Environments
Research PaperLog fidelity is crucial for Incident Response Teams to investigate and contain cyber incidents but can be difficult to optimize in containerized environments.
- 17 Apr 2025
- Zach Salva
Webs of Deception: Using the SANS ICS Kill Chain to Flip the Advantage to the Defender
Research PaperUsing the SANS ICS Cyber Kill Chain, the research implemented a representative ICS network to evaluate the effectiveness of security controls for use by small ICS defenders.
- 14 Apr 2025
- Oren Niskin
ARMO’s Behavioral Cloud Application Detection and Response (CADR) Platform
Research PaperThis paper explores how ARMO Platform is attempting to solve the challenge with the industry’s first behavioral cloud application detection and response (CADR) product.
- 18 Mar 2025
- Moses Frost
ASPM: Understanding the New Application Security Landscape
Research PaperMalicious actors continue to prey on the challenges of rapid software development cycles and cloud computing adoption. This paper examines where an application security posture management (ASPM) solution comes in.
- 18 Mar 2025
- Chris Edmundson, SANS Institute
2025 ICS/OT Cybersecurity Budget: Spending Trends, Challenges, and the Future
Research PaperThis white paper explores the findings of the 2025 SANS Survey on ICS/OT Security Budgets.
- 3 Mar 2025
- Dean Parsons
2025 SANS Detection Engineering Survey: Evolving Practices in Modern Security Operations
Research PaperTo dive deep into understanding the current state and future trends of this critical field, SANS has partnered with Anvilogic to conduct a comprehensive survey of Detection Engineering professionals across various industries. Dive into the findings in this whitepaper.
- 24 Feb 2025
- Terrence Williams
Empowering Responders with Automated Investigation
Research PaperThis white paper investigates how Binalyze’s AIR platform reduces the overhead of forensic investigations by automating the process of collecting artifacts, triaging the data, and identifying next steps.
- 18 Feb 2025
- Megan Roddie-Fonseca
Critical Cybersecurity for Safer Water Management
Research PaperThe paper emphasizes the importance of skilled ICS cybersecurity defenders and ICS-specific security controls aligning with the SANS Five ICS Cybersecurity Critical Controls.
- 28 Jan 2025
- Dean Parsons
Google SecOps: The SIEM’s Third Act
Research PaperDiscover how SecOps is ushering in the "SIEM's Third Act" by addressing the limitations of traditional SIEMs and empowering security teams with cutting-edge tools for threat-informed defense.
- 21 Jan 2025
- Mark Orlando
Unveiling the Dependency on Network Telemetry: Optimizing Lateral Movement Detection
Research PaperThis study investigates the dependency on network and endpoint telemetry for identifying lateral movement attacks, focusing on the Remote Services technique from MITRE ATT&CK.
- 17 Jan 2025
- Kyu Jin Therrien
