Help Net Security explains the results from a recent survey, and wonders if energy sector cyber security professionals are truly competent or just highly naive:
A survey conducted by Dimensional Research found that 49 percent of all respondents believe their organization could detect a cyberattack on a critical system within 24 hours. Energy executives were found to have the highest levels of confidence, with 61 percent claiming their organization could detect a critical system breach in less than 24 hours.
However, according to Mandiant’s M-Trends 2015 report, the average time required to detect an advanced persistent threat on a corporate network is 205 days, and in the 2015 Data Breach Investigations Report, Verizon reported that 66 percent of cyberattacks took months to detect.
“Cybersecurity within energy companies is stronger than it has ever been, yet growing bodies of evidence indicate that it’s still far too easy to compromise the energy infrastructure,” said Mark Weatherford, principal at The Chertoff Group.
The people who participated in this survey either lied or are highly delusional.