Nearly all critical infrastructure industry executives recognize that their organizations are targets for cybercriminals, and almost half think their systems could detect a cyber attack on a critical system within 24 hours.
It's not that the remaining executives think it could take day or weeks to detect a cyber attack; 61 percent think they could detect it in less than 24 hours. Tripwire surveyed more than 400 executives in the energy, oil, gas and utility industries to publish its “Critical Infrastructure Study.”
Although an overwhelming majority of executives have confidence that their security systems could quickly detect a cyber attack, Rekha Shenoy, vice president of business and corporate development for Tripwire, believes this sureness isn't rooted in reality.
“The idea that these attacks would be detected quickly is basically a perception that's driven from the ability of these organizations to deliver energy with very high availability,” she said in emailed comments to SCMagazine.com. “However, in our experience, these organizations don't have the visibility into cybersecurity issues that would allow them to detect an attack faster than other industries."
This limited visibility could especially prove problematic, considering that 83 percent of respondents said a cyber attack could do “serious physical damage” to their infrastructure.
Shenoy noted that these security systems are relatively new, especially because of recent requirements and mandates that have forced the industry to “embrace cybersecurity intitiatives faster than they would have otherwise.”