70% Of Critical Infrastructure Firms Lose Confidential Data

Jul 10, 2014

Almost three quarters of companies responsible for global critical infrastructure have been the subject of a security breach over the past 12 months with confidential information lost and more attacks expected in future.

Ponemon Institute’s survey of 599 security executives from utility, oil and gas, energy and manufacturing companies found that almost 70 per cent of them have experienced at least one breach in the last year that led to a loss of confidential information or a disruption to operations.

“The findings of the survey are startling, given that these industries form the backbone of the global economy and cannot afford a disruption,” said Dr. Larry Ponemon, chairman and founder of the Ponemon Institute. “While the desire for security protection is apparent among these companies, not nearly enough is actually being done to secure our critical infrastructure against attacks.” 

64 per cent anticipate a further serious attack in the year ahead and even though this is the case, just 28 per cent put security in the top five strategic priorities for the organisation, most opting for minimising downtime as the top business priority.

Of those that admitted a breach in the past year, the majority blamed it on an internal accident or mistake and when asked about the biggest threat to company security almost all mentioned negligent insiders.

“Whether malicious or accidental, threats from the inside are just as real and devastating as those coming from the outside,” said Dave Frymier, chief information security officer at Unisys, the company that conducted the survey with Ponemon. “We hope the survey results serve as a wake-up call to critical infrastructure providers to take a much more proactive, holistic approach to securing their IT systems against attacks. 

When it comes to IT security programs and activities just one in six describe them as “mature” and even though there have been a large number of breaches, as little as six per cent of respondents provide cybersecurity training for all employees.

Image Credit: Flickr (tsuda)




Author: Jamie Hinks
View the original article here.
Published under license from ITProPortal.com
Business / Cyber Security / cybersecurity / energy / Industry / ITProPortal / Partners / ponemon institute / Technology

Comment

 

Understanding the risks and rewards of public sector cloud 

Download the Whitepaper now

Partner

24Newswire
Sign up to receive latest news

Twitter Feed

Why does pubsec ICT PR firm @MantisPR want to be at the upcoming #eventcentreUK THINK Digital Vendors 2016 event? https://t.co/3tE5o7aMmO
@24nbiz
Apr 01, 2016
@thinkdigicon supporter @Adv365 sets out its stall for tomorrow's landmark #gcloud event https://t.co/FQraJP2yyg
@24nbiz
Mar 21, 2016
@thinkdigicon supporter @Adv365 explains why it's supporting tomorrow's show https://t.co/2Wj3UECo9s
@24nbiz
Mar 21, 2016
@24n.biz: what's the final agenda for tomorrow's @thinkdigicon #gcloud @GOVUKdigimkt show? https://t.co/6CASi8lrnU
@24nbiz
Mar 21, 2016