A new study has found that the US oil and gas industry and falling behind when it comes to cyber security preparedness, with nearly two-thirds (68%) of organizations having suffered a major security breach in the last year.

Siemens commissioned the Ponemon Institute to survey 370 cyber risk professionals within the oil and gas industry. Some 61% of respondents said their industrial control systems are not sufficiently protected, and nearly two-thirds (65%) claimed that the biggest threat to their organization is negligent or careless insiders.

Even more shocking, only 48% of respondents claim to have plans to use encryption for data in transit over the next 12 months. In addition, only 39% plan to deploy hardened endpoints and only 20% plan to adopt user behavior analytics. This is all scary stuff considering the vast majority of these respondents feel these measures would be very effective in security their IT environment.

Only 41% of respondents claim to have continuous monitoring in place, even though the NERC CIP compliance standard puts a great deal of emphasis on security event monitoring, including breach detection, suspicious activity reporting, and file integrity monitoring.

Change Control for the Energy Sector

However strong the perimeter security, in the vast majority of organizations there are far too many opportunities for hackers or malware attacks to slide in undetected.

Forensic-level monitoring of system changes provides a means whereby subtle breach activity can be exposed, but the amount of noise created on a daily basis by critical upgrades, system patches and required, updates once visible is overwhelming.

When it comes to breach detection, it becomes virtually impossible to distinguish between the expected file and registry changes prompted by these changes and nefarious activity. However, with File Integrity Monitoring, an automatic intelligent change control system, it is possible to cut down the noise, distinguish the unexpected from the planned and, finally, close the change control loop.

 

The Most Powerful & Reliable Cybersecurity Products

change tracker gen7r2 logo

Change Tracker Gen 7R2: Complete configuration and system integrity assurance combined with the most comprehensive and intelligent change control solution available.

FAST Cloud logo

Fast Cloud: Leverage the world’s largest whitelist repository to automatically evaluate and verify the authenticity of file changes in real-time with NNT FAST™ (File Approved-Safe Technology)

vulnerability tracker logo

Vulnerability Tracker: The world’s only limitless and unrestricted vulnerability scanning solution with unparalleled accuracy and efficiency, protecting your IT assets on premises, in the cloud and mobile endpoints.

log tracker logo

Log Tracker: Comprehensive and easy to use security information & event log management with intelligent & self-learning correlation technology to highlight potentially harmful activity in seconds

Contact Us

Corporate Headquarters

Netwrix
6160 Warren Parkway, Suite 100
Frisco, Texas, 75034

Phone 1: 1-949-407-5125

Phone 2: 888-638-9749 (toll-free)


[email protected]
 

United Kingdom

Netwrix
5 New Street Square
London EC4A 3TW

Phone: +44 (0) 203 588 3023


 [email protected]
SC Magazine Cybersecurity 500 CSGEA Winners 2021 CIS benchmarking SEWP Now Certified IBM Security
Copyright 2024, New Net Technologies LLC. All rights reserved. 
NNT and Change Tracker are registered trademarks of New Net Technologies LLC.
All other product, company names and trademarks are the property of their respective owners.