Tripwire Study: Two-Thirds of Energy Sector IT Professionals Lack Visibility into Cyber Attacks That Cause Physical Damage
Only 35 percent of energy IT professionals accurately track all
threats targeting their operational technology
Tripwire,
Inc., a leading global provider of advanced threat, security and
compliance solutions, today announced the results of a study conducted
for Tripwire by Dimensional Research on the cyber security challenges
faced by organizations in the energy sector. The study was carried out
in November 2015, and respondents included over 150 IT professionals in
the energy, utilities, and oil and gas industries.
According to Tripwire’s study, eighty-two percent of the respondents
said a cyber attack on the operational technology (OT) in their
organization could cause physical damage. However, when asked if their
organization has the ability to accurately track all the threats
targeting their OT networks, sixty-five percent replied, “no.”
Additional findings from the study include:
-
More than three out of four respondents (seventy-six percent) believe
their organizations are targets for cyber attacks that could cause
physical damage.
-
Seventy-eight percent of respondents said their organizations are
potential targets for nation-state cyber attacks.
-
One-hundred percent of energy executive respondents believe a kinetic
cyber attack on operational technology would cause physical damage.
“The incredibly high percentages of these responses underscores the need
for these industries to take material steps to improve cyber security,”
said Tim Erlin, director of IT security and risk strategy for Tripwire.
“These threats are not going away. They are getting worse.”
According to the Department of Homeland Security, the energy
sector faces more cyber attacks than any other industry, and attacks
on industrial control system networks are on the rise. If
successful, these energy sector cyber attacks could have a dramatic
physical impact. In December 2015, BlackEnergy malware was used in an
attack against a power plant in the Ukraine and left
over 700,000 customers without electricity.
Erlin continued: “We’ve already seen the reality of these responses in
the Ukraine mere months after this survey was completed. There can be no
doubt that there is a physical safety risk from cyber attacks targeting
the energy industry today. While the situation may seem dire, in many
cases there are well understood best practices that can be deployed to
materially reduce the risk of successful cyber attacks.”
Additional Resources:
Study
Results: Tripwire 2016 Energy Survey: Physical Damage
Blog:
Nexus of Metrics: Oil and Gas Survey Results
About Tripwire
Tripwire is a leading provider of endpoint detection and response,
security, compliance and IT operation solutions for enterprises, service
providers and government agencies. Tripwire solutions are based on
high-fidelity asset visibility and deep endpoint intelligence combined
with business context; together these solutions integrate and automate
security and IT operations. Tripwire’s portfolio of enterprise-class
solutions includes configuration and policy management, file integrity
monitoring, vulnerability management, log management, and reporting and
analytics. Learn more at tripwire.com,
get security news, trends and insights at tripwire.com/blog
or follow us on Twitter @TripwireInc.
Tripwire, Inc. was acquired by Belden Inc. (NYSE:BDC) in 2015.
View source version on businesswire.com: http://www.businesswire.com/news/home/20160204005075/en/
Copyright Business Wire 2016
Source: Business Wire
(February 4, 2016 - 8:07 AM EST)
News by QuoteMedia
www.quotemedia.com