Are utilities prepared to prevent cyber attacks?

Security

by Byomakesh Biswal| 14 July 2014

Only 28% of firms feel security is a strategic priority.

Utility are unprepared deal with both internal and external threats, despite nearly 70% of them having reported a security breach in past year, according to a report.

In the survey conducted by the Ponemon Institute on behalf of IT services company Unisys, only 28% of utilities companies said that security is in the top five strategic priorities for their organisation, while the majority of them consider minimising downtime as priority.

Among those surveyed, 64% anticipate that their organisations could face one or more serious attacks in the coming year.

Ponemon Institute chairman and founder, Dr. Larry Ponemon, said: "The findings of the survey are startling, given that these industries form the backbone of the global economy and cannot afford a disruption."

"While the desire for security protection is apparent among these companies, not nearly enough is actually being done to secure our critical infrastructure against attacks."

The survey sampled 599 security executives from utility, oil and gas, energy and manufacturing companies, and it found that only one in six organisations' IT security programme is mature.

Out of those who have reported a data breach inthe past year, most blamed it on an internal accident or mistake, and negligent insiders.

However, despite the looming threat within, only 6% said that they have a mechanism in place to provide training to employees.

Unisys chief information security officer, Dave Frymier, said: "Whether malicious or accidental, threats from the inside are just as real and devastating as those coming from the outside.

"We hope the survey results serve as a wake-up call to critical infrastructure providers to take a much more proactive, holistic approach to securing their IT systems against attacks. Action should be taken before an incident occurs, not just after a breach."

About 78% of the firms said that there is a good chance of a successful attack on the ICS and SCADA system within the next 24 months.

Comments
Post a comment

Comments may be moderated for spam, obscenities or defamation.

Join our network

733 people like this.
0 people follow this.

Security Intelligence

Privcy Policy

We have updated our privacy policy. In the latest update it explains what cookies are and how we use them on our site. To learn more about cookies and their benefits, please view our privacy policy. Please be aware that parts of this site will not function correctly if you disable cookies. By continuing to use this site, you consent to our use of cookies in accordance with our privacy policy unless you have disabled them.