Energy IT pros confident on breach detection, survey shows

Two-thirds of energy sector IT professionals claim they could detect a breach within a week, a survey shows

Two-thirds of energy sector IT professionals say they can detect a security breach of mission critical systems in seven days or less, a survey shows.

This is despite industry research that shows many breaches go undiscovered for weeks and even months – with energy sector firms coming under increasing attack.

More than a fifth of energy sector IT professionals believe they can detect breaches within 24 hours, according to a poll of more than 100 attendees of the 2014 EnergySec Security Summit in Austin, Texas.

A similar proportion of respondents said it would take them less than 72 hours and 19% said it would take them less than a week, revealed the poll conducted by security firm Tripwire.

Just 10% said data breach detection would take a month and 9% said it would take three months, but 15% were not confident they could detect a breach.

“The survey results reflect a surprising optimism,” said Steven Parker, president of EnergySec, a non-profit organisation that helps firms in the energy sector secure their critical technology infrastructures.

“Attack detection is a critical capability and I think there is much more work to be done in this area than most organisations realise,” he said.

Dwayne Melancon, chief technology officer for Tripwire, said “trust” is not a valid security control and “hope” is not a valid security strategy.

“Unfortunately, this data suggests that a lot of energy security professionals are far too hopeful about their own cybersecurity capabilities,” he said.

In July 2014, security firm Symantec reported that more than 1,000 energy companies in Europe and North America had been compromised by an Eastern European hacking collective.

The report said a group known as Dragonfly had been targeting organisations that use industrial control systems (ICS) to manage electrical, water, oil, gas and data systems since 2013.

According to Symantec, the cyber espionage campaign was aimed at energy grid operators and industrial equipment suppliers.

A total of 84 countries were affected, with most of the targets in the US, Spain, France, Italy, Germany, Turkey and Poland.

At the time, Steve Hultquist, CIO at RedSeal Networks, said the espionage campaign uncovered by Symantec showed that many enterprises are breached but remain unaware.

“It also makes it evident that even the most well-defended networks are subject to attack through human error and limited visibility,” he said.

Targeted attacks on industrial control systems (ICS) are the biggest threat to critical national infrastructure and take place on a regular basis, according to security firm Kaspersky Lab.

Researchers at Kaspersky Lab expect ICS attacks to increase, because industrial networks offer an easier way in to the more heavily protected corporate IT systems.
