Many in Utilities Sector Expect Attacks on Critical Infrastructure: Survey


Ed Kovacs at SecurityWeek reported on something that is one of the few things that keep me "awake at night":

"Representatives of the utilities industry believe the risk of cyberattacks on the sector has increased and many expect an attack on critical infrastructure in the next year, according to a study conducted by Siemens and the Ponemon Institute.

The study is based on a survey of over 1,700 individuals working in the utilities sector in North America, Latin America, Europe, the Middle East, and the Asia-Pacific region. The respondents included technicians, managers, directors, supervisors and senior executives.

A majority of respondents believe that cyber threats pose a greater risk to their Operational Technology (OT) systems than to information technology (IT) systems. Nearly two-thirds view sophisticated cyberattacks as a top challenge and 56% have reported being hit by at least one attack involving loss of private information or an outage in their OT environment in the past year. Four percent of respondents said they had experienced 10 or more such incidents.

Over half of respondents expect a cyberattack on critical infrastructure in the next year, but those who took part in the study believe that 30% of attacks on OT systems are not detected.

The utilities industry is mainly concerned that a cyberattack could result in a significant environmental incident, that it can result in the theft of confidential information, and that equipment can be damaged. However, insiders account for a majority of attacks on OT systems, report here." Full Story at SecurityWeek:

Request Your Security Awareness Training Quote

products-KB4SAT6-2Old-school awareness training does not hack it anymore. Your email filters have a ~10% failure rate; you need a strong human firewall as your last line of defense. KnowBe4 is your platform for new-school security awareness training. We help you keep your users on their toes with security top of mind. You simply have got to start training and phishing your users ASAP. If you don't, the bad guys will. Find out how affordable this is for your organization and be pleasantly surprised.

Get A Quote Now

Don't like to click on redirected buttons? Cut & Paste this link in your browser:

Subscribe To Our Blog

Weak Password Test Contest

Get the latest about social engineering

Subscribe to CyberheistNews