Survey: Critical infrastructure risks cyber attack

Half of the critical infrastructure providers that the UK, Europe and North America rely on are vulnerable to cyber attack, according to a new survey.

Te critical infrastructure we all rely on from day-to-day is open to and potentially already under cyber attack, research published today has revealed.

IDC surveyed 199 security experts from utilities, oil and gas, financial services, government, telecommunications, transportation providers in Europe, Canada and the US.

More than half of these experts believed that most critical infrastructure continues to be vulnerable to cyber attack and the majority said that major attacks have already begun or are likely to occur in the next 12 months.

Only the financial services industry was considered prepared, although nearly 40 per cent also believed that even this sector was not ready to defend itself. And for some - such as postal, shipping and transportation sectors - as many as three out of four experts indicated that the infrastructure was under-prepared.

Out of all the industries covered by the survey, respondents said energy was not only the biggest target for cyber attack, but also the sector that could cause the most disruption if attacked - as well as the most vulnerable to attack.

And, when asked to name the biggest bottleneck to improving cyber security, the largest number of experts (29 per cent) said the cost of security measures was holding them back. Apathy was second most likely to be a barrier, with government bureaucracy and internal issues tying for third.

Rick Nicholson, research vice president for IDC's Energy Insights and author of the Secure Computing-sponsored research, said: "Most utility CIOs [chief information officers] believe that their companies will be compliant with relevant standards, but still have a long way to go before being adequately prepared for all cyber attacks."

The research concluded that, at the same time that attacks are becoming more likely, many networks are becoming less secure. Almost all (98 per cent) of respondents believed direct connectivity of their control systems to internet protocol (IP) based network or the internet had made them more vulnerable.

It also warned that, as companies deploy new technologies such as smart meters, sensors and advanced communications networks, they run the risk of increasing their vulnerability unless they include security as an integral part of the projects.

And it said the increased quest for standardisation of IT platforms in response to cost pressures during turbulent economic times would also not help those critical infrastructure systems be any less vulnerable to attack.

Featured Resources

Become a digital service provider

How to transform your business from network core to edge

Download now

Optimal business results with the cloud

Evaluating the best approaches to hybrid cloud adoption

Download now

Virtualisation that enables choices, not compromises

Harness the virtualisation technology that's right for your hybrid infrastructure

Download now

Email security threat report 2020

Four key trends from spear fishing to credentials theft

Download now

Recommended

How LogPoint uses MITRE ATT&CK
Whitepaper

How LogPoint uses MITRE ATT&CK

15 Jan 2021
Cyber criminals bypassing MFA to access cloud service accounts
two-factor authentication (2FA)

Cyber criminals bypassing MFA to access cloud service accounts

14 Jan 2021
Weekly threat roundup: Microsoft Defender, Adobe, Mimecast
vulnerability

Weekly threat roundup: Microsoft Defender, Adobe, Mimecast

14 Jan 2021
Mimecast admits hackers accessed users’ Microsoft accounts
Security

Mimecast admits hackers accessed users’ Microsoft accounts

13 Jan 2021

Most Popular

How to recover deleted emails in Gmail
email delivery

How to recover deleted emails in Gmail

6 Jan 2021
The fate of Parler exposes the reality of deregulated social media
Policy & legislation

The fate of Parler exposes the reality of deregulated social media

14 Jan 2021
Should IT departments to call time on WhatsApp?
communications

Should IT departments to call time on WhatsApp?

15 Jan 2021