Clearly with the recent Rockefeller Letter, incidents where leading media outlets were attacked and the potential for cyber attacks on the oil and gas industry like Stuxnet the whole the paper is intended to take companies form the theoretical of "what to do" to the conventional wisdom of "how to do it".
Today’s cyber threats are persistent, well organized and often successful. At the same time, energy security leaders face a myriad challenges that can divert their focus, including demand for always-on services, intensifying regulations, mobility and initiatives like replacing aging industrial control systems with more modern "smart" devices.
It’s not all bad news, however. These conditions create an opportunity for CISOs in the energy space to develop a business-focused strategy that acknowledges there is no fail safe way to secure all assets all the time. Today, a realistic security strategy is one that empowers an organization to prepare for and quickly detect attacks when they occur—as they no doubt will occur. PwC, through our IT Security, Privacy Risk & Competency can help you navigate through the uncertainties of cyber incidents in the energy space and assist your company when preparing for incidents and responses.