Industry Optimism, Spending Rise on Cybersecurity Preparation

Oil and gas companies have increased spending and are more confident of their cybersecurity measures, but the number and impact of cyberattacks continues to grow as industry’s measures fail to keep pace with increasingly sophisticated attacks, according to PwC’s 16th annual report “The Global State of information Security 2014”.

Seventy-nine percent of the 107 oil and gas industry respondents who participated in the survey expressed confidence over the effectiveness of their security activities, up from 78 percent in 2012. However, they reported that their confidence in the security programs of partners and suppliers decreased from 2012 to 2013, with confidence declining from 75 percent to 68 percent.

The survey found that information security budgets for oil and gas companies are averaging $5 million in 2013, up 32 percent from 2012, as companies appear to understand that the increased threat of cyberattacks means a substantial boost in security investment is required, according to a September 2013 presentation by PwC. Fifty-three percent of oil and gas respondents said they have deployed technologies to prevent advanced persistent attacks (APT), up 13 percent from 2012. The respondents are mostly relying on anti-virus and intrusion detection and prevention tools.

The survey, which was conducted by PwC and CIO and CSO magazines, included over 9,600 responses from participants surveyed online between Feb. 1 and April 1. These participants ranged from CEOs and CFOs to directors of IT and security.

Despite the optimism and increased security spending, oil and gas executives in the recent survey reported detecting 179 percent more security incidents – or any adverse incident that threatens some aspect of computer security – over the past 12 months compared with the previous survey. In 2012, the average number of security incidents among oil and gas respondents was 2,335; in 2013, the average number of security incidents is 6,511.

Even more significant is the fact that the average financial losses associated with these attacks grew 470 percent from 2012 to 2013, according to the survey. These security incidents resulted in data loss for oil and gas survey respondents, with the potential of possibly jeopardizing an organization’s most valuable relationships.


View Full Article


Click on the button below to add a comment.
Post a Comment
Generated by readers, the comments included herein do not reflect the views and opinions of Rigzone. All comments are subject to editorial review. Off-topic, inappropriate or insulting comments will be removed.
Gary Morgan | Apr. 23, 2014
I believe three issues contributes to this phenomenon: Organizational, Operational, and Political.: Organizational: The Organization is not designed with an emphasis on security. Security is not an independent entity on the Organizational Chart, but is under the control / management of IT. Therefore there is no checks and balances in the Organization. Operational: Security Processes, Policies, Procedures and Standards are not clearly understood nor defined to meet a quantifiable security objective. Re-mediation meditation plan process metrics are not in place nor promoted at the executive levels. Political : there is no clear vision or support by leadership for IT security as a prime goal of the organization From my experience working in security, I believe a confluence of these issues contribute to this phenomenon.


Our Privacy Pledge

From the Career Center
Jobs that may interest you
Business Development Specialist
Expertise: Business Development|Sales
Location: Midland, TX
Field Office Manager
Expertise: Accounting|Secretarial or Administrative
Location: Manquin, VA
Project Accountant
Expertise: Accounting
Location: San Diego, CA
search for more jobs

Brent Crude Oil : $55.14/BBL 0.61%
Light Crude Oil : $49.48/BBL 0.86%
Natural Gas : $3.12/MMBtu 0.95%
Updated in last 24 hours