Seventy-one percent of the respondents said their executive management team does not understand or appreciate the value of IT security, the study says. Sixty-seven percent of energy organizations were not using what they consider “state of the art” technologies to minimize risks to infrastructure-critical SCADA networks.
Respondents also expressed dissatisfaction with the tools they use to monitor their IT systems. Seventy-two percent said they don’t think their monitoring systems are effective at gathering actionable intelligence, such as real-time alerts, threat analysis, and prioritization, about actual and potential exploits. Only 21 percent of global energy and utilities organizations think their existing controls can protect them against exploits and attacks through smart grid and smart meter-connected systems.
Why does management have such a universally hard time believing that security breaches are a real problem, to avoided at all cost?