New Survey Reveals Critical Infrastructure Cybersecurity Challenges
July 20 2015 - 12:01AM
Business Wire
Aspen Institute, Intel Security Critical
Infrastructure Survey Shows 86% of Respondents Want More
Public-Private Cooperation; Of Those who Experienced Cyberattacks,
59% Reported Physical Damage
Information technology (IT) executives within critical
infrastructure organizations see a need for public-private threat
intelligence sharing partnerships (86% of respondents) to keep pace
with escalating cybersecurity threats, according to a survey
released today by The Aspen Institute and Intel Security. A
majority (76%) of survey respondents also indicated they believe a
national defense force should respond when a cyber attack damages a
critical infrastructure company within national borders.
Additionally, although most respondents agree that threats to their
organizations are on the rise, they maintain a high degree of
confidence in existing security.
The survey, Holding the Line Against Cyber Threats: Critical
Infrastructure Readiness Survey, reveals that the critical
infrastructure providers surveyed are pleased with the results of
their efforts to improve cybersecurity over the last three years,
but at the same time many (72%) said that the threat level of
attacks was escalating. Almost half of all respondents (48%)
believe it is likely that a cyberattack on critical infrastructure,
with the potential to result in the loss of human life, could
happen within the next three years.
“This data raises new and vital questions about how public and
private interests can best join forces to mitigate and defend
against cyberattacks,” said Clark Kent Ervin, Director, Homeland
Security Program, Aspen Institute. “This issue must be addressed by
policymakers and corporate leaders alike.”
Survey results suggest there may be a disconnect between
critical infrastructure providers and the current threat
landscape:
- Perceived Improvements:
Respondents believe their own vulnerability to cyberattacks has
decreased over the last three years. When asked to evaluate their
security posture in retrospect, 50% reported that they would have
considered their organizations “very or extremely” vulnerable three
years ago; by comparison, only 27% believe that their organizations
are currently “very or extremely” vulnerable.
- Government Involvement
Encouraged: Private industry is often hesitant when it comes to
government’s involvement in private sector business; however, 86%
of respondents believe that cooperation between the public and
private sectors on infrastructure protection is critical to
successful cyber defense. Furthermore, 68% of respondents believe
their own government can be a valuable and respectful partner in
cybersecurity.
- Confidence in Current Solutions:
Sixty-four percent believe an attack resulting in fatalities has
not happened yet because good IT security is already in place.
Correspondingly, more than four in five are satisfied or extremely
satisfied with the performance of their own security tools such as
endpoint protection (84%), network firewalls (84%), and secure web
gateways (85%).
- Disruptions Increasing: More
than 70% of respondents think the cybersecurity threat level in
their organization is escalating. Around nine in ten (89%)
respondents experienced at least one attack on a system within
their organization, which they deemed secure, over the past three
years, with a median of close to 20 attacks per year. Fifty-nine
percent of respondents stated that at least one of these attacks
resulted in physical damage.
- Loss of Life?: Forty-eight
percent of respondents believe it is likely that a cyberattack that
will take down critical infrastructure with potential loss of life
will occur within the next three years, although there were no
additional survey questions to determine the circumstances under
which respondents believed the loss of life could occur. More US
respondents thought this scenario was “extremely likely” to occur
than did their European counterparts.
- User Error Still #1 Issue:
Respondents believe user error is the greatest cause of successful
attacks on critical infrastructure. Organizations may strengthen
their security postures, but individual employees can still fall
victim to phishing emails, social engineering and drive-by browser
downloads that successfully infect their organizations’
networks.
- Government Response: Seventy-six
percent of respondents believe a national defense force should
respond when a cyber attack damages a critical infrastructure
company within national borders.
- Different Country Perspectives:
US respondents believe the likelihood of a catastrophic cyberattack
on critical infrastructure that could result in loss of life is
more certain than do their European counterparts. While 18% of US
sources consider this scenario “extremely likely” to occur in the
next three years, only 2% in Germany and 3% in the UK think it
extremely likely.
Chris Young, Executive Vice President and General Manager of
Intel Security, will be speaking at the Aspen Security Forum in
Aspen, Colorado, where more than 80 leading experts will discuss
the most critical questions about national security.
Methodology
The survey, conducted by Vanson Bourne, interviewed 625 IT
decision makers with influence over their organization’s security
solutions in France, Germany, the United Kingdom and the United
States (250 interviews in the US and 125 in each of the UK, France
and Germany).
Respondents were from private and public organizations (minimum
of 500 employees), with particular focus on the critical
infrastructure sectors of energy (139 respondents), transport (130
respondents), finance (159 respondents) and government (128).
Questionnaire surveys, such as the one conducted by Vanson Bourne
and Intel Security, collect data at a single point in time and are
limited in their ability to collect complex and nuanced responses.
Furthermore, they are not independently able to support long-term
conclusions.
About The Aspen Institute
The Aspen Institute is an educational and policy studies
organization based in Washington, DC. Its mission is to foster
leadership based on enduring values and to provide a nonpartisan
venue for dealing with critical issues. Through public and
invitation-only forums, roundtables, and conferences, speeches,
books, opinion editorials, social media outlets, and media
interviews and appearances, the Aspen Institute’s Homeland Security
Program works to heighten public awareness as to the nation’s
continued vulnerability to terrorism and to persuade decision
makers to take the necessary steps to close the gap between how
secure we should be and how secure we actually are.
www.aspeninstitute.org
About Intel Security
McAfee is now part of Intel Security. With its Security
Connected strategy, innovative approach to hardware-enhanced
security and unique McAfee Global Threat Intelligence, Intel
Security is intensively focused on developing proactive, proven
security solutions and services that protect systems, networks and
mobile devices for business and personal use around the world.
Intel Security is combining the experience and expertise of McAfee
with the innovation and proven performance of Intel to make
security an essential ingredient in every architecture and on every
computing platform. The mission of Intel Security is to give
everyone the confidence to live and work safely and securely in the
digital world. www.intelsecurity.com.
Intel and the Intel logo are trademarks of Intel Corporation in
the U.S. and/or other countries.
*Other names and brands may be claimed as the property of
others.
© 2015 Intel Corporation
View source
version on businesswire.com: http://www.businesswire.com/news/home/20150719005020/en/
The Aspen InstituteLeah Dreyfuss, +1
202-736-2904leah.dreyfuss@aspeninstitute.orgorIntel SecuritySal
Viveros, +44-7921-891-506Sal_Viveros@mcafee.comorRH Strategic
CommunicationsTrish Rimo, +1 202-379-0825trimo@rhstrategic.com
Intel (NASDAQ:INTC)
Historical Stock Chart
From Feb 2024 to Mar 2024
Intel (NASDAQ:INTC)
Historical Stock Chart
From Mar 2023 to Mar 2024