Below are findings from a recent EY report on cyber security titled, ‘Global Information Security Survey 2014.’
- 61% of oil and gas organisations believe it is unlikely or highly unlikely that they would be able to detect a sophisticated attack.
- 13% believe that their information security function is fully meeting the organisational needs.>
- 29% have no real time insight on cyber threats.
Security budgets
- The majority of current spend is being allocated simply to maintain existing security capabilities.
- Many organisations have not historically seen their cyber security posture improve as spend has increased.
- IT security budgets are staying relatively static.
- Security departments invest the latest security tools rather than seeking the root cause of security challenges.
- Budget constraints are often compounded by a separation of roles and responsibilities for operational technology security and cyber security.
Security metrics
- Security departments tend to report lag indicators to provide information of likely cyber threats.
- Cyber threats continually evolve along with the factors that influence them.
- Oil and gas companies need to look at integrating leading indicators with their lag indicators.
Recognising the breach
- There is growing evidence that the majority of large organisations have been breached.
- In some cases, investigation has shown that the breach occurred months earlier than discovery.
- It is often only at the point when data is tampered with that companies identify malicious behaviour and respond.
- Oil and gas organisations have the broad experience necessary to manage and support complex operations linked to large scale networks and with many points of ingress and egress.
Working together
- The oil and gas sector needs to recognise the value of joining resources together.
- The industry needs to use working groups to share and disseminate threat intelligence.
- The experience and capability of consultancies needs to drive change and improvement programs.
- Leveraging security vendor technology to underpin different aspects of cyber threat monitoring, alerting, defence and response would help the industry.
Edited from report by Claira Lloyd