While cybersecurity efforts in the energy sector have greatly improved, a Tripwire survey found IT staffers in this industry frequently don't have the real world data needed to see whether their assumptions on how their security apparatus function are correct.
The report's primary findings showed cybersecurity teams understand how their security tools function, but when pressed for details most were often unsure exactly what would happen in the case of a breach.
In one instance, 73 percent believed they could detect unauthorized software added to their network, but only 59 percent of those knew how long it would take to detect the intrusion. In another case 84 percent thought that they would receive an alert within hours if an unauthorized device was found accessing their system, but 52 percent of these respondents did not know how long it took to generate these alerts.
“While dedicated security staff are intimately familiar with the deployed capabilities and gaps, IT at large is often working on assumptions of protection,” Tim Erlin, Tripwire's director of IT security and risk strategies, told SCMagazine.com in an email.
Bringing energy sector guardians up to speed is important as a Department of Homeland Security report from late 2015 showed it is one of the most targeted sectors, with critical manufacturing a close second.
“The energy sector has made significant improvements in securing their slice of the nation's critical infrastructure, but broader adoption of security best practices is still lacking,” Erlin said.
The survey was based on responses from 763 IT professionals with 100 of these working in the energy sector.