Most Energy IT Professionals Could Detect Security Breach ‘Within One Week’

The majority of energy IT professionals are confident they could detect a data breach on critical systems within a week, despite industry research generally go undiscovered for most breaches go undiscovered for weeks, months or even longer.

These were the findings of a survey by security solutions specialist Tripwire conducted among 104 attendees at the EnergySec 10th Anniversary Security Summit in Austin, Texas on August 18-22, 2014.

Less than 24 hours

While 19% claimed they could detect a threat in less than a week, 24% believed it would take them less than 72 hours and 23% were sure they could spot a threat in less than 24 hours. On the other hand, 10 percent of respondents said data breach detection would take a month, 9 percent said it would take three months and 15 percent were not confident they could detect a breach.

“The survey results reflect a surprising optimism,” said Steven Parker, president of EnergySec, a non-profit organisation formed to support organisations within the energy sector in securing their critical technology infrastructures.

“Attack detection is a critical capability, and I think there is much more work to be done in this area than most organisations realise.”

According to the Mandiant 2014 M-Trends 2014: Beyond the Breach threat report, the average time required to detect breaches is 229 days. The report also states that the number of firms that detected their own breaches dropped from 37 percent in 2012 to 33 percent in 2013.

Dwayne Melancon, chief technology officer for Tripwire, said: “I always say that trust is not a control, and hope is not a strategy. Unfortunately, this data suggests that a lot of energy security professionals are far too hopeful about their own cybersecurity capabilities.”

How much do you know about Internet security? Take our quiz!