via Intelligent Utility
A recent report found little progress by the power industry over the past year in preventing cyber security attacks.
First, let’s be clear. I’m aware of the potential self-interest when security companies produce alarming reports on cyber threats. But we’ve already documented independent security analysts who have something similar to say. Have a look at the following two articles we’ve run “CIP: Creating a ‘Culture of Compliance'” and “How To Think About Cyber Security.”
“In the Dark: Crucial Industries Confront Cyber Attacks” is the second such report sponsored by security firm McAfee and conducted–presumably at arm’s length–by the Center for Strategic and International Studies (CSIS).
The report received some attention among security bloggers but made few apparent waves in the power industry, which seemed to reflect the silo effect–though CIOs typically have responsibility for cyber security, it’s actually a CEO problem. Interruptions of service impact the business, after all.
In-depth discussion of the issue from CIOs on the front lines will take place at Energy Central’s 6th annual Knowledge 2011 summit, set for Amelia Island, Florida, Nov. 7-9.
“Power, oil, gas and water may well be the first targets for a serious cyber attack,” the report stated in its executive summary. “They are not ready. The threat has accelerated–but the response has not. Cyber-exploits and attacks are already widespread.”
CIOs told the CSIS that they “perceive a real and growing cyber threat.” Organized crime is one source, but CIOs also cited “hostile government infiltration of networks [that] achieved staggering levels of success.”