When I originally posted, I didn’t see that someone already posted the news about CyMotive, so here is a different article that focuses on a study conducted by Tripwire, an industry leader in enterprise-class security, compliance, and IT operations solutions.
“According to the Department of Homeland Security, the energy sector faces more cyber attacks than any other industry. Despite the frequency in attacks, energy IT professionals participating in Tripwire’s survey were very confident in their ability to collect the data needed to detect a cyber attack…
“‘These results show that most security professionals are assuming they are doing the right things to secure their environments, but lack real world data to back up their assumptions,’ said Travis Smith, senior security research engineer for Tripwire. ‘This highlights the importance of testing security controls to ensure they are functioning as expected. It’s not enough to install security tools throughout the environment. You must test the policies and procedures to be confident the controls in place will stop or detect real-world intrusions…'”
I find it especially worrisome that an industry so essential to our success as a country—and demonstrably under constant cyber attack—seems to overestimate its capability to detect and respond to such attacks.
I will not say much on this as I spent 20 years in the energy industry, some of it working in IT security. One of the things I can say is that utilities have very tight budgets for security, so some things that one would assume they would be doing are just not in the budget.
Wade