Seventy percent of energy industry professionals are concerned that a successful cyberattack against energy or oil and gas companies could cause a catastrophic failure, according to a survey released Wednesday.
The survey–sponsored by Tripwire, a provider of security and compliance solutions–examined industrial control systems (ICS) security at U.S. energy and oil and gas organizations. Respondents included 151 IT and operational technology (OT) security professionals at energy and oil and gas companies. Twenty eight percent of respondents were from government-managed organizations.
Cybersecurity concerns were even higher for government-managed organizations–81 percent of those respondents believe a cyberattack could result in a catastrophic event, such as an explosion, and 64 percent believe that a security attack on ICA systems was “likely or inevitable.”
“The majority of energy professionals said they wanted more government involvement in ICS security, with only 10 percent saying there should be less,” said Tim Erlin, vice president of product management and strategy at Tripwire. “This and the overall survey findings validate the priorities outlined in the Administration’s 1st cyber executive order and should further motivate government leadership to increase its current investment in ICS security.”
The cybersecurity alarm for critical infrastructure has been rung quite a few times in the past few months. Just last week, Tenable announced that it recently discovered a critical remote code execution vulnerability in two Schneider Electric applications used in manufacturing, oil and gas, water, automation, and wind and solar power facilities. On top of that vulnerability, the Department of Homeland Security issued a rare public alert in March about a large-scale Russian cyber campaign targeting U.S. infrastructure and raising concerns about vulnerabilities in the nation’s power grid.