Submit your industry releases to iTWire
iTWire wants to hear from you. In Industry Releases we’re offering you the opportunity to spruik the latest news and information about your company, organisation, products and services. We’ll look at your submission and, if we think it’s appropriate information to give our readers, we’ll publish it. We reserve the right to reject your submission for publication. ...more
 

iTWire and you

Contact , Register , Links , About iTWire , Feedback , Post your jobs , Events , iTWire site map , Start Blogging , MyBlogLog page , Advertise with iTWire
Press-release
Submit your news here
Secure Computing Cyber Security Study Reveals Sobering Results E-mail
Tuesday, 18 November 2008
Secure Computing Corporation (NASDAQ: SCUR), a leading enterprise gateway security company, today announced the results of a study conducted during August and September 2008 in the US, Canada and Europe. The study surveyed 199 international security experts and other "industry insiders" from utilities, oil and gas, financial services, government, telecommunications, transportation and other critical infrastructure industries. Despite a growing body of legislation and regulation, more than half of these experts believed that most critical infrastructure continues to be vulnerable to cyber attack. Further, a majority of respondents said that major attacks have already begun or are likely to occur in the next 12 months.

 "An attack on any one of these industries could cause widespread economic disruptions, major environmental disasters, loss of property and even loss of life," said Elan Winkler, director of critical infrastructure solutions for Secure Computing. "This study revealed that many critical infrastructure organisations are simply not ready for the cyber attacks which are coming soon."

Rick Nicholson, VP of Research for IDC’s Energy Insights who authored the white paper1 based on the survey, added, "Most utility CIOs believe that their companies will be compliant with relevant standards, but still have a long way to go before being adequately prepared for all cyber attacks."

In the study, respondents were asked to indicate the state of readiness for eight different industries. More than 50 percent of respondents believed that utilities, oil and gas, transportation, telecommunications, chemical, emergency services and postal/shipping industries were not prepared. For some sectors, such as postal/shipping and transportation, as many as three out of four experts indicated that the infrastructure was not ready for attack. Only the financial services industry was considered prepared, although nearly 40 percent believed that even this sector was not ready to defend itself.

Survey participants were also asked which industry was the biggest target, which was the most vulnerable to attack and which was the most detrimental if breached. The insiders picked the energy sector in all three cases, with 33 percent saying it was the biggest target, 30 percent saying it was the most vulnerable and 42 percent saying it would be the most detrimental if attacked.

When asked to name the biggest bottleneck to improving cyber security, the largest number of experts (29 percent) pointed to the cost of security measures. Apathy was the second most likely to be selected as the primary bottleneck, with government bureaucracy and internal issues tying for third.

Risk of Cyber Attack Likely to Grow
Study participants from North America were also asked how soon major exploits of critical infrastructure would occur. More than 50 percent answered that the attacks had already begun. Another 14 percent said a major exploit was likely in the next 12 months, while only 2 percent said such an exploit would never occur.

At the same time that attacks are becoming more likely, many networks are becoming less secure. Energy Insights identified three trends which are likely to increase the vulnerability of critical infrastructure in the future:

- Interconnectivity among networks will expand. Already 62 percent of North American respondents said that their control systems were directly connected to an IP-based network or the Internet. A full 98 percent of respondents believed this makes them more vulnerable.
- Intelligent grid and similar initiative will continue to grow. As companies deploy new technologies such as smart meters, sensors and advanced communications networks, they run the risk of increasing their vulnerability unless they include security as an integral part of the projects.
- Cost cutting efforts will not go away. During times of economic hardship, organisations are expected to increase their use of "standard" IT platforms, further increasing their vulnerability to attack.

Recommendations Based on Study Findings
The IDC Energy Insights white paper sponsored by Secure Computing recommends that critical infrastructure asset owners and operators take four steps towards greater cyber security:

- Performing ongoing vulnerability assessments
- Vigilant monitoring of network automation and control systems
- Taking an enterprise approach that includes both information technology and operations technology environments
- Thinking beyond regulatory compliance

As a global leader in cyber security, Secure Computing provides a number of resources to help organisations address these issues. With more than 14 years experience protecting critical infrastructure networks in 31 countries, Secure Computing has accumulated a wealth of research, educational materials, tools, expert advice, and other materials that it is making available online at http://www.securecomputing.com/cybersecurity. 

Tags See All Tags




Get stories like this delivered daily - FREE - subscribe now
 
< Next story in category   Previous story in the category >
iTWire user statistics Visitors last 30 days
Suscribers		 904,266
13,751
#1 independent technology news advertise here
  •   *  
  • Search
  • AdvSeach
  • Login
  • Events
  • FreeStuff
Subscribe to our free e-newsletter

Submit your press release for publication here

Vendor submitted press-releaseVendor submitted press-release

Read more ...