Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Operational Security //

Risk Management

08:05 AM
Larry Loeb
Larry Loeb
Larry Loeb

Oil & Gas Industry Face Significant Cybersecurity Threat Study

A Ponemon survey finds a growing concern among cybersecurity professionals who work in the world's oil and gas industries.\r\n\r\n

A significant majority of oil and gas companies have reported a serious security breach or incident in the past year, according to a new report. This comes at a time when the safety of critical infrastructure facilities is under renewed scrutiny following a series of attacks and government warnings.

The Ponemon Institute conducted the survey of security in the oil and gas industry, which is based on the results of 176 people responsible for cybersecurity within companies based in the Middle East. Siemens, which sells products and technology into that market, funded the study.

The results come less than a week after the US Computer Emergency Readiness Team (US-CERT), along with the FBI and the Department of Homeland security, issued a warning that charged several Russia-based group with hacking into several critical facilities, including oil, gas and other energy firms. (See FBI & DHS Accuse Russia of Hacking Critical Infrastructure.)

The Ponemon study found that there were a significant number of security incidents in the oil and gas industry, which researchers defined as disruption to operations in the operational technology (OT) environment or the loss of confidential information.

Of those surveyed, 11% reported that they had experienced more than 10 OT network intrusions, which is three times the global average. Not only that, nearly half of the respondents believe that they may not be aware of all breaches that have occurred.

The specifics of the OT environment weighed heavily on the participants in the study. Two-thirds of those interviewed believe that the risk of attack has grown on OT over the last several years. In addition, 60% report that the risk to OT is greater than the danger posed to traditional IT systems.

The respondents report that there are certain items that are most at risk from these incidents, including exploratory information, production information, potential partners, financial and organizational reports, operational data, information on drilling sites, and field production data that is collected by sensors.

The top cybersecurity threat for 68% of those surveyed was a careless or negligent insider, as opposed to 21% believing it was a criminal or malicious insider.

Respondents also attribute the cyber risk their organizations face to uncertainty about the cybersecurity practices of third parties in the supply chain and the difficulty in mitigating risks across the entire oil and gas value chain.

Additionally, respondents report that the primary reason that their organizations are at risk is a lack of cybersecurity awareness and training among employees. Other important factors that they perceive are a limited cybersecurity culture among their vendors, suppliers and contractors, as well as the use of standard IT products that have known vulnerabilities in the production environment.

The fundamentals of network security are being redefined -- don't get left in the dark by a DDoS attack! Join us in Austin from May 14-16 at the fifth-annual Big Communications Event. There's still time to register and communications service providers get in free!

The OT companies seem to realize they are at risk.

However, only 27% of respondents expressed confidence in their ability to assess cybersecurity risks and allocate the resources necessary to address those concerns. Overall, a third of their cybersecurity budget is directed at protecting OT environments.

Only 39% of respondents plan on hardening the endpoints of their systems, and 20% report that they plan on adopting analytics solutions over the next year.

Organizations that adopt a risk-based and compliance-based approach to their OT security programs have the best chance of keeping their OT operations both secure and running without problems, the study found.

Related posts:

— Larry Loeb has written for many of the last century's major "dead tree" computer magazines, having been, among other things, a consulting editor for BYTE magazine and senior editor for the launch of WebWeek.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Look Beyond the 'Big 5' in Cyberattacks
Robert Lemos, Contributing Writer,  11/25/2020
Why Vulnerable Code Is Shipped Knowingly
Chris Eng, Chief Research Officer, Veracode,  11/30/2020
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: I think the boss is bing watching '70s TV shows again!
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2020-12-02
Textpattern CMS 4.6.2 allows CSRF via the prefs subsystem.
PUBLISHED: 2020-12-02
Multiple cross-site scripting (XSS) vulnerabilities in Papermerge before 1.5.2 allow remote attackers to inject arbitrary web script or HTML via the rename, tag, upload, or create folder function. The payload can be in a folder, a tag, or a document's filename. If email consumption is configured in ...
PUBLISHED: 2020-12-02
CAPI (Cloud Controller) versions prior to 1.101.0 are vulnerable to a denial-of-service attack in which an unauthenticated malicious attacker can send specially-crafted YAML files to certain endpoints, causing the YAML parser to consume excessive CPU and RAM.
PUBLISHED: 2020-12-02
Editors/LogViewerController.cs in Umbraco through 8.9.1 allows a user to visit a logviewer endpoint even if they lack Applications.Settings access.
PUBLISHED: 2020-12-02
A security vulnerability has been identified in the HPE Edgeline Infrastructure Manager, also known as HPE Edgeline Infrastructure Management Software. The vulnerability could be remotely exploited to bypass remote authentication leading to execution of arbitrary commands, gaining privileged access,...