This website requires certain cookies to work and uses other cookies to help you have the best experience. By visiting this website, certain cookies have already been set, which you may delete and block. By closing this message or continuing to use our site, you agree to the use of cookies. Visit our updated privacy and cookie policy to learn more.
This Website Uses Cookies
By closing this message or continuing to use our site, you agree to our cookie policy. Learn More
This website requires certain cookies to work and uses other cookies to help you have the best experience. By visiting this website, certain cookies have already been set, which you may delete and block. By closing this message or continuing to use our site, you agree to the use of cookies. Visit our updated privacy and cookie policy to learn more.
Subscribe
  • Sign In
  • Create Account
  • Sign Out
  • My Account
  • Home
  • News
    • Security Newswire
    • Technologies
    • Security Blog
    • Newsletter
    • Web Exclusives
  • Columns
    • Career Intelligence
    • Security Talk
    • The Corner Office
    • Leadership & Management
    • Cyber Tactics
    • Overseas and Secure
  • Management
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • More
  • Physical
    • Access Management
    • Video Surveillance
    • Identity Management
    • More
  • Cyber
  • Sectors
    • Education: University
    • Hospitals & Medical Centers
    • Critical Infrastructure
    • More
  • Exclusives
    • Security 500 Report
    • Most Influential People in Security
    • Top Guard and Security Officer Companies
    • The Security Leadership Issue
    • Annual Innovations, Technology, & Services Report
  • Events
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
    • Security 500 West
  • Resources
    • The Magazine
      • This Month's Issue
      • Digital Edition
      • Archives
      • Professional Security Canada
    • Videos
      • ISC West 2018
      • ASIS 2017
    • Photo Galleries
    • Polls
    • Classifieds & Job Listings
    • White Papers
    • Mobile App
    • Store
    • Sponsor Insights
  • InfoCenters
    • Video Management Systems
  • Contact
    • Editorial Guidelines
  • Advertise
Home » New Survey Reveals Critical Infrastructure Cybersecurity Challenges
Cyber Security NewsInfrastructure:Electric,Gas & Water

New Survey Reveals Critical Infrastructure Cybersecurity Challenges

electricity-enews
August 1, 2016
KEYWORDS cyber security / infrastructure security
Reprints
No Comments

IT executives within critical infrastructure organizations see a need for public-private threat intelligence sharing partnerships (86 percent of respondents) to keep pace with escalating cybersecurity threats, according to a survey by The Aspen Institute and Intel Security.

A majority (76 percent) of survey respondents also indicated they believe a national defense force should respond when a cyber attack damages a critical infrastructure company within national borders. Additionally, although most respondents agree that threats to their organizations are on the rise, they maintain a high degree of confidence in existing security.

The survey, Holding the Line Against Cyber Threats: Critical Infrastructure Readiness Survey, reveals that the critical infrastructure providers surveyed are pleased with the results of their efforts to improve cybersecurity over the last three years, but at the same time many (72 percent) said that the threat level of attacks was escalating. Almost half of all respondents (48 percent) believe it is likely that a cyberattack on critical infrastructure, with the potential to result in the loss of human life, could happen within the next three years.

“This data raises new and vital questions about how public and private interests can best join forces to mitigate and defend against cyberattacks,” said Clark Kent Ervin, The Aspen Institute's director of homeland security. “This issue must be addressed by policymakers and corporate leaders alike.”

Survey results suggest there may be a disconnect between critical infrastructure providers and the current threat landscape:

  • Perceived Improvements: Respondents believe their own vulnerability to cyberattacks has decreased over the last three years. When asked to evaluate their security posture in retrospect, 50 percent reported that they would have considered their organizations “very or extremely” vulnerable three years ago; by comparison, only 27 percent believe that their organizations are currently “very or extremely” vulnerable.
  • Government Involvement Encouraged: Private industry is often hesitant when it comes to government’s involvement in private sector business; however, 86 percent of respondents believe that cooperation between the public and private sectors on infrastructure protection is critical to successful cyber defense. Furthermore, 68 percent of respondents believe their own government can be a valuable and respectful partner in cybersecurity.
  • Confidence in Current Solutions: Sixty-four percent believe an attack resulting in fatalities has not happened yet because good IT security is already in place. Correspondingly, more than four in five are satisfied or extremely satisfied with the performance of their own security tools such as endpoint protection (84 percent), network firewalls (84 percent), and secure web gateways (85 percent).
  • Disruptions Increasing: More than 70 percent of respondents think the cybersecurity threat level in their organization is escalating. Around nine in 10 (89 percent) respondents experienced at least one attack on a system within their organization, which they deemed secure, over the past three years, with a median of close to 20 attacks per year. Fifty-nine percent of respondents stated that at least one of these attacks resulted in physical damage.
  • Loss of Life?: Forty-eight percent of respondents believe it is likely that a cyberattack that will take down critical infrastructure with potential loss of life will occur within the next three years, although there were no additional survey questions to determine the circumstances under which respondents believed the loss of life could occur. More U.S. respondents thought this scenario was “extremely likely” to occur than did their European counterparts.
  • User Error Still #1 Issue: Respondents believe user error is the greatest cause of successful attacks on critical infrastructure. Organizations may strengthen their security postures, but individual employees can still fall victim to phishing emails, social engineering and drive-by browser downloads that successfully infect their organizations’ networks.
  • Government Response: Seventy-six percent of respondents believe a national defense force should respond when a cyber attack damages a critical infrastructure company within national borders.
  • Different Country Perspectives: U.S. respondents believe the likelihood of a catastrophic cyberattack on critical infrastructure that could result in loss of life is more certain than do their European counterparts. While 18 percent of U.S. sources consider this scenario “extremely likely” to occur in the next three years, only 2 percent in Germany and 3 percent in the United Kingdom think it extremely likely.

http://www.marketwatch.com/story/new-survey-reveals-critical-infrastructure-cybersecurity-challenges-2015-07-20

Subscribe to Security Magazine

Related Articles

Survey Reveals Challenges Facing Cybersecurity Profession

EU Enacts New Law to Improve Critical Infrastructure Cybersecurity

Survey: Critical Infrastructure Companies Woefully Unprepared for Security Breaches

Critical Infrastructure Under Persistent Threat

Related Products

Risk Analysis and the Security Survey, 4th Edition

The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws 2E

The Database Hacker's Handbook: Defending Database Servers

Security Magazine November 2018 Issue

Related Events

Oil & Gas Critical Infrastructure & Asset Security Forum 2012

Focus on The Future: Emerging Technologies Empower New Levels of Video Protection

You Can't Provide Good Building Security Without Good Cybersecurity

EnergySec 8th Annual Summit

You must login or register in order to post a comment.

Report Abusive Comment

Subscribe For Free!
  • Print & Digital Edition Subscriptions
  • Security eNewsletter & Other eNews Alerts
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Popular Stories

security-center

The Top 5 Reasons Why Your Security Program Needs Intelligence Personnel

SEC0219-cover-Feat-slide_900px

The Road to CSO: Meet Microsoft's New Security Leader

Globe

Which Countries Have the Worst and Best Cybersecurity?

Cyber Doors

2018 Set a New Record for Security Vulnerabilities

cyber-SMB

8 Vulnerabilities Penetration Testers Recommend You Address in 2019

20180222ENR_Skyward_Drones_360x184customcontent

Events

February 19, 2019

Drones and Surveillance at MetLife Stadium

Unmanned aerial systems pose a legitimate threat to sporting events in America. The devices are not only becoming cheaper and easier to own, but technology has advanced to such a point that virtually anyone — hobbyist or terrorist — can fly one. MetLife Stadium is home of the New York Jets and New York Giants, in addition to numerous entertainment events and concerts each year.

February 26, 2019

Harness Real-time Public Information to Improve Active Shooter Response

Corporate security teams hope never to respond to an active shooter situation. But given today’s realities, companies spend a great deal of time developing guidelines, holding training sessions, and carrying out drills to ensure that their staff will be prepared in case an active shooter event occurs.
View All Submit An Event

Poll

Employee Background Screening

How Often Does Your Organization Conduct Background Screening on Employees?
View Results Poll Archive

Products

Effective Security Management, 6th Edition

Effective Security Management, 6th Edition

 Effective Security Management, 5e, teaches practicing security professionals how to build their careers by mastering the fundamentals of good management. Charles Sennewald brings a time-tested blend of common sense, wisdom, and humor to this bestselling introduction to workplace dynamics. 

See More Products
Security-500

Security Magazine

SEC-Feb-2019-Cover_144px

2019 February

In Security’s February 2019 issue, meet Brian Tuskan, Microsoft's New Security Leader. Learn how he has used technology, his reputation, networking and a desire to help people to become Microsoft’s new CSO. Read about the Next Generation of White Hat Hackers, How to Evaluate Security's Role, and more.

View More Subscribe
  • More
    • Market Research
    • Custom Content & Marketing Services
    • Security Group
    • Editorial Guidelines
    • Privacy Policy
    • Survey And Sample
  • Want More
    • Subscribe
    • Connect
    • Partners

Copyright ©2019. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing