A new survey conducted by Dimensional Research, which was carried out in November 2015, assessed cyber security challenges faced by organizations in the energy sector. Study respondents included over 150 IT professionals in the energy, utilities, and oil and gas industries.
When asked if their organization had experienced a rise in successful cyber attacks in the last 12 months, seventy-seven percent of the respondents replied, “yes.” In addition, more than two-thirds of the respondents (sixty-eight percent) said the rate of successful cyber attacks had increased by over twenty percent in the last month.
- Energy executives were more than twice as likely to believe their organization detected every cyber attack (forty-three percent) than nonexecutives (seventeen percent).
- In the last 12 months, seventy-eight percent of the respondents said they experienced a cyber attack from an external source, and thirty percent have seen an attack from an inside employee.
- Forty-four percent of the respondents indicated they have not gathered enough information to identify the sources of cyber attacks on their organizations.
- Nearly one-fourth (twenty-two percent) of the respondents admitted their organizations do not have business processes to identify sensitive and confidential information.
According to the Department of Homeland Security, the energy sector faces more cyber attacks than any other industry. Despite these escalating risks, the energy sector faces serious challenges responding to security threats effectively. For example, the results of the North American Electric Reliability Corporation’s (NERC) GridEx III “cyberwar games” revealed significant challenges with the cyber threat intelligence practices of grid operators.
Many critical systems cannot be isolated, and it’s only a matter of time before attackers target U.S. power systems.