A new study revealed that 67 percent of critical infrastructure providers reported falling victims to at least one security breach in the last 12 months, causing disruption of operation or the loss of sensitive information.
The alarming number was drawn from surveying nearly 600 security executives at utility, oil and gas, energy and manufacturing companies. In addition, the majority of respondents (64 percent) believed to anticipate one or more serious attacks in the coming year.
Nonetheless, only 28 percent of the companies accountable for the nation’s power, water and other vital utilities, ranked security as one of the top five strategic priorities for the business.
Dr. Larry Ponemon, chairman of the Ponemon Institute, said, “The findings of the survey are startling, given that these industries form the backbone of the global economy and cannot afford a disruption.” Ponemon stated that although these organization are certainly aware of the need for security protection, not nearly enough is being done to protect the critical infrastructure against attacks.
The survey also revealed that only one in six respondents described their organization’s IT security program or practice as mature, where most IT security programs are deployed. Respondents who reported a breach in their organization often attributed the breach to a mistake or internal accident. However, a mere six percent of respondents said their organization offers proper cybersecurity training for all employees, despite listing malicious insiders as a top threat to the organization’s security.
“We hope the survey results serve as a wake-up call to critical infrastructure providers to take a much more proactive, holistic approach to securing their IT systems against attacks,” said Dave Frymer, Unisys Chief Information Officer.
Additional key findings from the study, include:
- 34 percent of respondents said their companies do not get real-time alerts, threat analysis and threat prioritization intelligence
- Only 17 percent of companies surveyed reported that most of their IT security program activities are deployed
- 57 percent of respondents agreed that cyber threats are putting industrial control systems and SCADA at greater risk
Read More Here…