LevelBlue, a leading provider of managed network security services, managed detection and response, strategic consulting, and threat intelligence, today released its 2024 Futures Report: Cyber Resilience in Energy and Utilities. The findings detail the critical cyber resilience barriers facing energy and utility leaders as they navigate escalating cyber threats and growing innovation demands.
Energy and utility leaders are focused on investing in the technologies that drive dynamic computing and anticipate Improvements in computing will give organizations a competitive edge. As such, 75% expect to start working with a more sophisticated supply chain, and 85% anticipate improvements to revenue and operations.
While optimism surrounds dynamic computing’s potential for the industry, especially in AI strategy development and leveraging sophisticated supply chains, 85% of respondents also acknowledge computing innovation is increasing risk. The industry remains cautious about AI adoption – 67% acknowledge they are a cautious or late adopter of AI – however, nearly three-quarters (74%) of respondents believe computing innovation’s benefits outweigh cybersecurity risks. Furthermore, 79% acknowledge their organizations accept some level of uncertainty regarding these threats.
“We continue to see supply chain attacks make headlines, and it’s a constant reminder of the vulnerability of energy and utility companies,” said Theresa Lanowitz, Chief Evangelist of LevelBlue. “Yet, even as attacks increase and cost organizations more than ever, cyber resilience is not prioritized as a critical business initiative. Going forward, buy-in beyond IT, from energy and utility business leaders, is necessary to build a resilience strategy that aligns with overall business objectives and effectively manages risks.”
Vulnerabilities from third-party sources are among the top threat factors for energy and utilities organizations. In fact, over half of respondents (78%) reveal difficulty in assessing supply chain risks, with only 38% stating that their supply chain is completely or almost completely secure. 47% recognize distributed denial-of-service (DDoS) as a probable attack vector, and 41% admit to lacking confidence in handling it.
When assessing the critical barriers to cyber resilience planning and cybersecurity budgeting for energy and utility organizations, the report found that:
- 81% reveal their organizations are at risk due to barriers impacting their cybersecurity resilience strategies.
- 77% indicate that digital transformation is an ongoing barrier to cybersecurity resilience.
- 63% believe cybersecurity is an afterthought in their organizations, with another 68% stating efforts are often siloed.
- 73% of respondents report cyber resilience is primarily the responsibility of cybersecurity teams and is not an enterprise-wide priority.
- 72% say their organizations do not specifically invest in cyber resilience beyond cybersecurity.
- 81% report budgets are reactive rather than proactive.
- 61% of respondents reveal there’s a lack of understanding about cybersecurity at the board level.
- 75% of energy and utility organizations are struggling to find the external guidance they need.
Balancing innovation with cyber risk is crucial for today’s energy and utilities environment, and vulnerabilities must be proactively managed to protect critical infrastructure and sensitive operational data. The LevelBlue Futures Report identifies opportunities for energy and utility leaders to understand the obstacles they face in achieving cyber resilience. Specifically, the report outlines five key steps to focus on: identify the barriers to cyber resilience; be secure by design; align cyber investment with business; build a support ecosystem; and transform cybersecurity strategies.
Download the complete findings of the 2024 LevelBlue Futures Report: Cyber Resilience in Energy and Utilities at this link here. This report follows the May 2024 release of the core 2024 LevelBlue Futures Report found here.
For more information on LevelBlue and its managed security, consulting, and threat intelligence services, please visit www.levelblue.com.
Methodology
The research is based on a quantitative survey that was carried out by FT Longitude in March 2024. There were a total of 1,050 C-suite and senior executives surveyed, across 18 countries and seven industries: energy and utilities, financial services, healthcare, manufacturing, retail, transportation, and US SLED (state, local government, and higher education). Respondents were employed in a variety of cybersecurity-related roles, with 32% working at C-level and the remainder employed in C-minus one positions. The total number surveyed in energy and utilities is 150.
About LevelBlue
We simplify cybersecurity through award-winning managed services, experienced strategic consulting, threat intelligence, and renowned research. Our team is a seamless extension of yours, providing transparency and visibility into security posture and continuously working to strengthen it.
We harness security data from numerous sources and enrich it with artificial intelligence to deliver real-time threat intelligence, which enables more accurate and precise decision making. With a large, always-on global presence, LevelBlue sets the standard for cybersecurity today and tomorrow. We easily and effectively manage risk, so you can focus on your business.
Welcome to LevelBlue. Cybersecurity. Simplified. Learn more at www.levelblue.com.
View source version on businesswire.com: https://www.businesswire.com/news/home/20241030579205/en/