Current and former employees are once again the most frequent culprits of security incidents at utilities.
Cyberattacks against power and utilities organizations have transitioned from speculative to indisputable. In “The Global State of Information Security Survey 2015,” the average number of detected incidents soared sixfold over the year before — by far the highest reported by any industry. It seems, however, that adversaries are being stopped before they can cause real harm: Respondents say the financial impact of security compromises dropped 51 percent in 2014.
Top Sources of Incidents
Current and former employees are once again the most frequent culprits of security incidents. Attacks by sophisticated adversaries such as foreign nation-states, organized crime and activists and hacktivists remain among the least frequent, but they are also the fastest-growing.
Compromises attributed to foreign nation-states more than doubled over 2013, and those caused by activists and hacktivists also were up substantially.
The Security Practices That Matter
Organizations are falling behind in implementation of many critical cybersecurity strategies, processes and technologies. Survey respondents reported attrition in fundamentals such as having a formal information security strategy and offering employee security training programs. The survey also found that policies and due diligence regarding third-party partners have declined, as have deployment of monitoring and detection technologies.
Toward a More Strategic Approach
As risks to information technology, operational and connected-field assets continue to rise — and cybersecurity readiness falls — a more strategic approach will be essential. At the core should be a risk-based cybersecurity program that enhances the ability to identify, manage and respond to privacy and security threats. Certain initiatives will be key: alignment of security strategy with business needs, identification and prioritization of high-value data, support from top executives and collaboration to improve security.