Energy Industry Cybersecurity Report
July 2015
Copyright © 2015 by ScottMadden, Inc. All rights reserved.
INTRODUCTION
Due to information sharing concerns, energy industry cybersecurity information is not readily available.
However, understanding what your industry peers are doing to respond to a growing cyber threat is
required to make the best possible decisions.
ScottMadden is committed to serving the energy community by providing timely cybersecurity
information. We provide daily research report updates, statistics, and industry insight on our sponsored
website, www.gridcybersec.com. Cybersecurity leading practices and recommendations can be found at
www.scottmadden.com. And we are pleased to provide this Energy Industry Cybersecurity Report, a
compilation of energy sector cybersecurity research.
This report will help you understand:
• Industry perceptions of cyber risks
• Industry confidence levels in its ability to mitigate these risks
• Cybersecurity strategies, organizational responsibilities, and practices being used
• Cybersecurity concerns and obstacles that need to be addressed in order to adequately secure their critical assets
This report will help you evaluate your cybersecurity program efforts, including:
• How your practices and capabilities compare to the industry
• How your perceptions and concerns compare to the industry
ScottMadden’s research is gathered from global energy industry surveys. Information on SCADA and
industrial control systems is pulled from surveys of critical infrastructure operators that include energy
utilities (but not exclusively).
KEY FINDINGS
The report’s key findings include:
• Energy organizations acknowledge a growing cybersecurity risk, and most expect their IT and operation technology (OT) assets to be attacked
• Most organizations have implemented cybersecurity programs and consider them relatively mature
• Organizations are not confident they are effectively managing risks to their IT and OT assets
• Most organizations have experienced a cybersecurity incident that resulted in either a data loss or disruption to operations
• Insiders present the biggest cybersecurity risk to organizations
• Organizations are concerned about having sufficient cybersecurity resources
• Most organizations share responsibility for OT security between the information security officer and the operator of the control system
• Organizations are lacking real-time, actionable cybersecurity intelligence
• Half of the organizations have adopted a unified security and controls framework
These findings reveal some inconsistencies. There is growing awareness of cybersecurity risks and the
increasing threat they present to energy operations. Organizations also claim their cybersecurity
practices are maturing. But despite this improved awareness and these maturing cyber capabilities, there
is not a corresponding level of confidence in the organization’s ability to deal with security risks.
There are lessons to be learned from the incidents that are occurring. While nation-state, terrorist, and
criminal activities get all the headlines, the number-one threat remains insiders and trusted partners. Your
cybersecurity efforts need to be commensurate with this high-probability risk. The research identified
relatively flat security budgets, so it is important that security efforts and investments are focusing on
high-probability and high-impact risks.
A number of improvement opportunities are also identified. This includes improvements in real-time,
actionable intelligence. Adoption of a standard control framework, preferably the NIST cybersecurity
framework, can also guide efforts for the roughly 50 percent of organizations not using an industry
standard. There is also an opportunity to dedicate resources explicitly to OT cybersecurity, including
SCADA and industrial control systems.
FINDINGS DETAILS
Finding 1: Energy organizations acknowledge a growing cybersecurity risk, and most expect their
IT and OT assets to be attacked.
Organizations indicated that the risk level of their control system environments has substantially
increased, and they anticipate an attack on their IT and SCADA assets.
Finding 2: Most organizations have implemented cybersecurity programs and consider them
relatively mature.
The majority of organizations have many cybersecurity program elements in place, and the average
maturity of industry security programs is considered middle to late stage—practices are defined and are
either partially or mostly implemented.
Finding 3: Organizations are not confident they are effectively managing risks to their IT and OT
assets.
Organizations are unsure how effective their security management efforts are at mitigating risks.
Specifically, they indicated weaknesses in compliance efforts, security requirement enforcement, and
their use of state-of-the-art technologies.
Finding 4: Most organizations have experienced a cybersecurity incident that resulted in either a
data loss or disruption to operations.
Two-thirds of organizations have experienced at least one disruptive cybersecurity incident. Thirteen
percent have had their SCADA networks compromised, and 26 percent have had other industrial control
systems impacted. [1]
Finding 5: Insiders present the biggest cybersecurity risk to organizations.
Despite the well-publicized risks of nation-states, criminal enterprises, and hacktivists, insiders remain
the most probable source of cyber risk—either intentionally or unintentionally.
Finding 6: Organizations are concerned about having sufficient cybersecurity resources.
Eighty percent of respondents indicated they have either one person or no one dedicated to control
system cybersecurity, and spending has been flat while the perceived threat is increasing.
Finding 7: Most organizations share responsibility for OT security between the information
security officer and the operator of the control system.
Control system operators were identified by just more than half of organizations surveyed as responsible
for ICS cybersecurity. Few organizations have dedicated OT cybersecurity resources.
Finding 8: Organizations are lacking real-time, actionable cybersecurity intelligence.
Twenty-five percent of organizations characterized their OT intelligence as either very effective or
effective, while 56 percent described their intelligence as either not effective or nonexistent. This is further
demonstrated by the answers to incident questions, where a commonly provided answer was “unknown.”
| Question | % Responding “Unknown” |
|---|---|
| What was the root cause of the ICS/SCADA security breaches over the past 12 months? [1] | 21% |
| If you had an ICS/SCADA breach, how many times did such events occur in the past 12 months? [2] | 34% |
| How long did it take to discover the ICS/SCADA infiltration or exploit? [2] | 34% |
| Source of ICS-CERT reported security incidents [3] | 38% |
Finding 9: Half of the organizations have adopted a unified security and controls framework.
One-third of organizations have either adopted or plan to adopt the NIST cybersecurity framework.
CONCLUSIONS
Energy company responses to a growing cybersecurity threat have varied. Many capital projects have
been launched, introducing new monitoring, detection, protection, and security management capabilities.
Cybersecurity capabilities are perceived as maturing.
But this research shows that organizations are not becoming more confident in their ability to secure their
critical assets. As more attention is placed on what the industry is doing, it is clear that new approaches
are needed. This includes a more strategic approach to cybersecurity:
• Understanding the enterprise security risks to your organization’s mission
• Focusing your organization’s response on the highest priority risks
• Building foundational capabilities and methodically maturing and improving them
• Demonstrating tangible progress
ABOUT SCOTTMADDEN’S ENERGY PRACTICE
We know energy. Since 1983, we have been consulting to the energy industry. We have served more
than 300 clients, including 20 of the top 20 energy utilities. We have performed more than 2,400 projects
across every energy utility business unit and every function. We have helped our clients develop
strategies, improve operations, reorganize companies, and implement initiatives. Our broad and deep
energy utility expertise is not theoretical—it is experience based.
ABOUT THE AUTHOR
Jon Kerner leads ScottMadden’s IT practice. Contact him at jkerner@scottmadden.com.
FOR MORE INFORMATION
Please visit www.scottmadden.com to learn more about the services we offer.
Visit www.gridcybersec.com and subscribe to our newsletters to receive daily cybersecurity research. Also,
follow us on Twitter @gridcybersec.
__________________________________
[1] Critical Infrastructure: Security Preparedness and Maturity, Ponemon Institute, http://www.unisys.com/insights/critical-infrastructure-security
[2] Breaches on the Rise: A SANS Survey, SANS Institute, http://www.sans.org/reading-room/whitepapers/analyst/breaches-rise-control-systems-survey-34665
[3] ICS-CERT in Review: 2014, Industrial Control Systems Cyber Emergency Response Team, https://ics-cert.us-cert.gov/sites/default/files/documents/Year_in_Review_FY2014_Final.pdf
[4] Global State of Information Security Survey: 2015 (Power and Utilities), PWC, http://www.pwc.com/gx/en/consulting-services/information-security-survey

04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAG
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 

2015 Energy Industry Cybersecurity Research Update

  • 3.
    • Most organizations have experienced a cybersecurity incident that resulted in either a data loss or disruption to operations
    • Insiders present the biggest cybersecurity risk to organizations
    • Organizations are concerned about having sufficient cybersecurity resources
    • Most organizations share responsibility for OT security between the information security officer and the operator of the control system
    • Organizations are lacking real-time, actionable cybersecurity intelligence
    • Half of the organizations have adopted a unified security and controls framework

    These findings reveal some inconsistencies. There is growing awareness of cybersecurity risks and the increasing threat they present to energy operations. Organizations also claim their cybersecurity practices are maturing. But despite this improved awareness and these maturing cyber capabilities, there is not a corresponding level of confidence in the organization’s ability to deal with security risks.

    There are lessons to be learned from the incidents that are occurring. While nation-state, terrorist, and criminal activities get all the headlines, the number-one threat remains insiders and trusted partners. Your cybersecurity efforts need to be commensurate with this high-probability risk. The research identified relatively flat security budgets, so it is important that security efforts and investments are focusing on high-probability and high-impact risks.

    A number of improvement opportunities are also identified. This includes improvements in real-time, actionable intelligence. Adoption of a standard control framework, preferably the NIST cybersecurity framework, can also guide efforts for the roughly 50 percent of organizations not using an industry standard. There is also an opportunity to dedicate resources explicitly to OT cybersecurity, including SCADA and industrial control systems.
  • 4. FINDINGS DETAILS
    Finding 1: Energy organizations acknowledge a growing cybersecurity risk, and most expect their IT and OT assets to be attacked.
    Organizations indicated that the risk level of their control system environments has substantially increased, and they anticipate an attack on their IT and SCADA assets.
  • 5. Finding 2: Most organizations have implemented cybersecurity programs and consider them relatively mature.
    The majority of organizations have many cybersecurity program elements in place, and the average maturity of industry security programs is considered middle to late stage—practices are defined and are either partially or mostly implemented.
  • 6. Finding 3: Organizations are not confident they are effectively managing risks to their IT and OT assets.
    Organizations are unsure how effective their security management efforts are at mitigating risks. Specifically, they indicated weaknesses in compliance efforts, security requirement enforcement, and their use of state-of-the-art technologies.
  • 7. Finding 4: Most organizations have experienced a cybersecurity incident that resulted in either a data loss or disruption to operations.
    Two-thirds of organizations have experienced at least one disruptive cybersecurity incident. Thirteen percent have had their SCADA networks compromised, and 26 percent have had other industrial control systems impacted.¹
  • 8. Finding 5: Insiders present the biggest cybersecurity risk to organizations.
    Despite the well-publicized risks of nation-states, criminal enterprises, and hacktivists, insiders remain the most probable source of cyber risk—either intentionally or unintentionally.
  • 9. Finding 6: Organizations are concerned about having sufficient cybersecurity resources.
    Eighty percent of respondents indicated they have either one person or no one dedicated to control system cybersecurity, and spending has been flat while the perceived threat is increasing.
  • 10. Finding 7: Most organizations share responsibility for OT security between the information security officer and the operator of the control system.
    Control system operators were identified by just more than half of organizations surveyed as responsible for ICS cybersecurity. Few organizations have dedicated OT cybersecurity resources.
  • 11. Finding 8: Organizations are lacking real-time, actionable cybersecurity intelligence.
    Twenty-five percent of organizations characterized their OT intelligence as either very effective or effective, while 56 percent either indicated their intelligence as not effective or nonexistent. This is further demonstrated by the answers to incident questions, where a commonly provided answer was “unknown.”

    Question | % Responding “Unknown”
    What was the root cause of the ICS/SCADA security breaches over the past 12 months?¹ | 21%
    If you had an ICS/SCADA breach, how many times did such events occur in the past 12 months?² | 34%
    How long did it take to discover the ICS/SCADA infiltration or exploit?² | 34%
    Source of ICS-CERT reported security incidents³ | 38%
  • 12. Finding 9: Half of the organizations have adopted a unified security and controls framework.
    One-third of organizations have either adopted or plan to adopt the NIST cybersecurity framework.

    CONCLUSIONS
    Energy company responses to a growing cybersecurity threat have varied. Many capital projects have been launched, introducing new monitoring, detection, protection, and security management capabilities. Cybersecurity capabilities are perceived as maturing. But this research shows that organizations are not becoming more confident in their ability to secure their critical assets.

    As more attention is placed on what the industry is doing, it is clear that new approaches are needed. This includes a more strategic approach to cybersecurity:
    • Understanding the enterprise security risks to your organization’s mission
    • Focusing your organization’s response on the highest priority risks
    • Building foundational capabilities and methodically maturing and improving them
    • Demonstrating tangible progress
  • 13. ABOUT SCOTTMADDEN’S ENERGY PRACTICE
    We know energy. Since 1983, we have been consulting to the energy industry. We have served more than 300 clients, including 20 of the top 20 energy utilities. We have performed more than 2,400 projects across every energy utility business unit and every function. We have helped our clients develop strategies, improve operations, reorganize companies, and implement initiatives. Our broad and deep energy utility expertise is not theoretical—it is experience based.

    ABOUT THE AUTHOR
    Jon Kerner leads ScottMadden’s IT practice. Contact him at jkerner@scottmadden.com.

    FOR MORE INFORMATION
    Please visit www.scottmadden.com to learn more about the services we offer. Visit www.gridcybersec.com and subscribe to our newsletters to receive daily cybersecurity research. Also, follow us on twitter @gridcybersec.

    __________________________________
    ¹ Critical Infrastructure: Security Preparedness and Maturity, Ponemon Institute, http://www.unisys.com/insights/critical-infrastructure-security
    ² Breaches on the Rise: A SANS Survey, SANS Institute, http://www.sans.org/reading-room/whitepapers/analyst/breaches-rise-control-systems-survey-34665
    ³ ICS-CERT in Review: 2014, Industrial Control Systems Cyber Emergency Response Team, https://ics-cert.us-cert.gov/sites/default/files/documents/Year_in_Review_FY2014_Final.pdf
    ⁴ Global State of Information Security Survey: 2015 (Power and Utilities), PWC, http://www.pwc.com/gx/en/consulting-services/information-security-survey