Tripwire Survey: Smart Grids Lack Cyber Security Protection
PORTLAND, Ore. – October 18, 2016 – Tripwire, Inc., a leading global provider of security and compliance solutions for enterprises and industrial organizations, today announced the results of a Tripwire survey conducted by Dimensional Research. The June survey assessed cyber security challenges associated with smart city technologies. Survey respondents included over 200 IT professionals working for state and local governments.
According to Tripwire’s survey, ninety-eight percent of respondents consider smart cities at risk for cyber attacks. Smart cities use IT solutions to manage a wide range of city services, including smart grids, transportation, surveillance cameras, wastewater treatment and more. Smart grids and other smart city services face unique and escalating cyber threats. For example, the results of the North American Electric Reliability Corporation’s (NERC) GridEx III "cyberwar games" revealed significant challenges with the cyber threat intelligence practices of grid operators.
The Tripwire survey found that thirty-eight percent of respondents believe smart grids have the greatest cyber security risks when compared to other smart city services and twenty percent said they have the smart city initiatives for their smart grids. However, over half (fifty-five percent) of the respondents believe cities do not devote adequate cyber security resources to smart city initiatives.
“Smart grids can help optimize utilities, but bring additional cyber security and regulatory challenges,” said Rekha Shenoy, vice president and general manager of industrial cyber security for Belden, Tripwire’s parent company. “Respondents to this survey seem to recognize these threats, but their smart city initiatives need further refinement. Identifying smart city cyber risks is just one step; smart cities need to translate this recognition into action.”
Additional findings from the survey include:
- When asked why there is a lack of cyber security resources for smart city initiatives, sixty-one percent of respondents cited budgets, and sixty percent believe politics interfere with decision-making.
- Over a quarter (twenty-six percent) of the respondents said transportation faced the greatest cyber security risks when compared to other smart city services.
- Ninety-eight percent of respondents said their jurisdictions’ smart city initiatives are important.
“Security isn’t usually glamorous, and it can be difficult to sell the need for added time and cost on a project, even when it’s to ensure that services are secure,” said Tim Erlin, senior director of IT security and risk strategy for Tripwire. “Smart city initiatives are pushing the technological envelope for urban infrastructure management, and it’s clear from the survey results that cyber security is being left out of the conversation.”
Shenoy added: “Municipalities are dazzled by the promises of the Industrial Internet of Things, which can bring cost savings and improved efficiency. However, the dazzle will wear off quickly if smart city initiatives can’t keep up with new threats, regulatory requirements and hidden costs. In order to succeed, smart cities must actively protect their critical infrastructure.”
Tripwire will be exhibiting at NERC’s annual Grid Security Conference (GridSecCon), booth 1. The conference will take place October 17 - 24, 2016, at the Hilton Quebec in Quebec, Canada.
Tripwire is a leading provider of security, compliance and IT operations solutions for enterprises, industrial organizations, service providers and government agencies. Tripwire solutions are based on high-fidelity asset visibility and deep endpoint intelligence combined with business context; together these solutions integrate and automate security and IT operations. Tripwire’s portfolio of enterprise-class solutions includes configuration and policy management, file integrity monitoring, vulnerability management, log management, and reporting and analytics. Learn more at tripwire.com, get security news, trends and insights at tripwire.com/blog or follow us on Twitter @TripwireInc.