Oil and gas cyber security

Below are findings from a recent EY report on cyber security titled, ‘Global Information Security Survey 2014.’

• 61% of oil and gas organisations believe it is unlikely or highly unlikely that they would be able to detect a sophisticated attack.
• 13% believe that their information security function is fully meeting the organisational needs.>
• 29% have no real time insight on cyber threats.

Security budgets

• The majority of current spend is being allocated simply to maintain existing security capabilities.
• Many organisations have not historically seen their cyber security posture improve as spend has increased.
• IT security budgets are staying relatively static.
• Security departments invest the latest security tools rather than seeking the root cause of security challenges.
• Budget constraints are often compounded by a separation of roles and responsibilities for operational technology security and cyber security.

Security metrics

• Security departments tend to report lag indicators to provide information of likely cyber threats.
• Cyber threats continually evolve along with the factors that influence them.
• Oil and gas companies need to look at integrating leading indicators with their lag indicators.

Recognising the breach

• There is growing evidence that the majority of large organisations have been breached.
• In some cases, investigation has shown that the breach occurred months earlier than discovery.
• It is often only at the point when data is tampered with that companies identify malicious behaviour and respond.
• Oil and gas organisations have the broad experience necessary to manage and support complex operations linked to large scale networks and with many points of ingress and egress.

Working together

• The oil and gas sector needs to recognise the value of joining resources together.
• The industry needs to use working groups to share and disseminate threat intelligence.
• The experience and capability of consultancies needs to drive change and improvement programs.
• Leveraging security vendor technology to underpin different aspects of cyber threat monitoring, alerting, defence and response would help the industry.