Energy sector behind on IT security says IDC

IDC Energy Insights survey shows oil & gas sector growing awareness of cyber threats, but still behind industry standards

Tags: International Data CorporationOil & Gas
  • E-Mail
Energy sector behind on IT security says IDC Oil & gas companies are increasingly reliant on IT, but lag behind on information security.
By  Mark Sutton Published  July 27, 2011

Oil and gas companies are lagging behind in formulating and implementing information security policies, despite growing awareness of the need for better cybersecurity.

According to a recent global survey by IDC Energy Insights, only half of the organisations surveyed have an official strategy in place to overcome potential information security threats.

The top three threats that energy sector respondents felt they faces were state or industrial espionage, employee error or accidental loss of sensitive information and vulnerabilities owing to insecure code.

The oil and gas industry is increasingly reliant on information resources, with a move to ‘smart oilfields’ technologies, integrated operations, and connectivity across multiple sites. The change has led to a greater awareness of the need for IT security, and 50% of respondents felt optimistic about their information security investments, and a growing perception of IT as part of the organisation’s strategic functions, but the industry a whole still lags behind cross-industry averages.

IDC also found that security budgets in the sector are either flat or below par, although 55% expect an increase in the next 12 months, that security investments are not driven by compliance, as in other sectors, and that regulatory environment (25% of respondents) is a barrier to ensuring security, as is the increasing threat landscape (20%).

“Information security does matter for business; it is not just an IT operations concern,” said Roberta Bigliani, head of Europe, Middle East, and Africa IDC Energy Insights. “In oil and gas companies, awareness of appropriate security policies and best practices is still not good enough. They need to be better prepared to prevent and manage security breaches. This is not the time to reduce the budget for IT security and compliance.”

2309 days ago
Vinod Mehra

The threat identified by IDC are the common threats across industries ????
"The top three threats that energy sector respondents felt they faces were state or industrial espionage, employee error or accidental loss of sensitive information and vulnerabilities owing to insecure code."

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code