Tripwire, Inc., a leading global provider of advanced threat, security and compliance solutions, today announced the results of a survey conducted by Dimensional Research. The survey examined the views of over 400 executives and IT professionals in the energy, oil, gas and utility industries on cybersecurity and compliance initiatives. Overall, energy security professionals were extremely confident in their ability to detect a cyberattack on critical systems, with 86 percent stating they could detect a breach in less than one week.

The Tripwire survey found that 49 percent of all respondents believe their organization could detect a cyberattack on a critical system within 24 hours. Energy executives were found to have the highest levels of confidence, with 61 percent claiming their organization could detect a critical system breach in less than 24 hours. However, according to Mandiant's M-Trends 2015 report, the average time required to detect an advanced persistent threat on a corporate network is 205 days, and in the 2015 Data Breach Investigations Report, Verizon reported that 66 percent of cyberattacks took months to detect.

"Cybersecurity within energy companies is stronger than it has ever been, yet growing bodies of evidence indicate that it's still far too easy to compromise the energy infrastructure," said Mark Weatherford, principal at The Chertoff Group. "Confidence at the executive level is certainly critical and necessary for success, but over-confidence can lead to a potentially dangerous false sense of security. Interestingly, a survey conducted last year by the Ponemon Institute found that 31 percent of 160,000-plus IT security professionals in 15 countries never speak with senior company executives, which might explain why Tripwire's survey found that energy executives have such a high level of confidence in their organization's ability to detect a critical systems breach. Therefore, it's a legitimate question to ask if executive confidence is misplaced."

Additional findings from the Tripwire survey include:

  • 94 percent of executives agree that their organization is a target for cyber criminals.
  • 83 percent of respondents believe a cyberattack could do serious physical damage to their infrastructure.
  • Only 3 percent of respondents believe it would take more than one month to detect a cyberattack on a critical system.

Share on Twitter: 86% of energy security professionals believe they can detect a cyberattack in less than one week

"Cybersecurity in the energy industry is focused on protecting the availability and reliability of the critical infrastructure on which our nation relies," said Rekha Shenoy, vice president of business and corporate development for Tripwire. "The good news is that energy organizations are increasingly aware of cybersecurity risks and are investing more resources into reducing these risks. The bad news is that many of these organizations are still underestimating the sophistication, persistence and evasive technology of the attackers who are targeting them. The reality is that most organizations need a continuous view of their entire attack surface in order to detect a breach quickly and respond before damage is done."

For more information on Tripwire's energy survey, please visit: http://www.tripwire.com/company/research/tripwire-critical-infrastructure-study/?previewid=185C230B-E2A7-7398-6724A9168859BF82.

About Tripwire

Tripwire is a leading provider of advanced threat, security and compliance solutions that enable enterprises, service providers and government agencies to confidently detect, prevent and respond to cybersecurity threats. Tripwire solutions are based on high-fidelity asset visibility and deep endpoint intelligence combined with business-context and enable security automation through enterprise integration. Tripwire's portfolio of enterprise-class security solutions includes configuration and policy management, file integrity monitoring, vulnerability management and log intelligence. Learn more at www.tripwire.com, get security news, trends and insights at http://www.tripwire.com/state-of-security/ or follow us on Twitter  @TripwireInc. Tripwire was acquired by Belden Inc. (NYSE: BDC) in January 2015. Belden Inc. delivers a comprehensive product portfolio targeted at reliable and secure transmission of rapidly growing amounts of data, audio and video needed in industrial, enterprise and broadcast markets. For more information, visit us at www.belden.com

View source version on businesswire.com: http://www.businesswire.com/news/home/20150625005415/en/

Copyright Business Wire 2010