Security incidents and their financial impact
Cyber attacks against power and utilities organizations have transitioned from speculative to indisputable. In The Global State of Information Security® Survey 2015, the average number of detected incidents soared six-fold over the year before — by far the highest reported by any industry. It seems, however, that adversaries are being stopped before they can cause real harm: Respondents say the financial impact of security compromises dropped 51% in 2014.
Top sources of incidents
Current and former employees are once again the most-frequent culprits of security incidents. Attacks by sophisticated adversaries like foreign nation-states, organized crime, and, activists and hacktivists remain among the least frequent, but they are also the fastest growing. Compromises attributed to foreign nation-states more than doubled over 2013, and those caused by activists and hacktivists were also up substantially.
The security practices that matter
Organizations are falling behind in implementation of many critical cybersecurity strategies, processes, and technologies. Survey respondents reported attrition in fundamentals like having a formal information security strategy and offering employee security training programs. The survey also found that policies and due diligence regarding third-party partners have declined, as have deployment of monitoring and detection technologies.
Toward a more strategic approach
As risks to IT, operational, and connected-field assets continue to rise — and cybersecurity readiness falls — a more strategic approach will be essential. At the core should be a risk-based cybersecurity program that enhances the ability to identify, manage, and respond to privacy and security threats. Certain initiatives will be key: alignment of security strategy with business needs, identification and prioritization of high-value data, support from top executives, and collaboration to improve security.