Energy companies underestimate cyber security risks
Global oil companies and infrastructure operators are not sufficiently prepared to deal with cyber security threats, according to a recent analysis by the Ponemon Institute, commissioned by IT company Unisys, covering 599 global IT security executives at utilities, oil and gas, energy and manufacturing companies.
The analysis found large gaps in security planning and strategy implementation, leaving organizations exposed to cyber threats, despite the fact that over the past few years these sectors have become a primary target of cyber criminals. In fact, more than two in three respondents reported experiencing at least one security compromise over the past 12 months, Unisys said.
Authors of the report found that IT decision-makers had difficulties in communicating the importance of cyber security to corporate leaders and were fully aware of the fact that their organizations were vulnerable to attacks. Less than one-fifth of respondents said most of their key IT initiatives intended to protect their organizations had been implemented and only 28 percent of those polled confirmed that cyber security was among the top five priorities for their companies.
Larry Ponemon, head of the institute, commented that there was a gap between the people responsible for security and the top management of organizations. This is especially problematic for organizations operating in the power and energy sectors because research shows that cyber attacks on them are inevitable and it is only a matter of time before each of them becomes a target.