Only half of oil and gas companies have put in place a strategy to address information security threats, according to a survey of oil and gas IT executives by IDC Energy Insights.
Infosecurity.Com - The survey of global IT executives also discovered that oil and gas companies still lag behind other industries in formulating approving, and executing information security policies, as well as getting buy-in from senior management.
"In oil and gas companies, awareness of appropriate security policies and best practices is still not good enough. They need to be better prepared to prevent and manage security breaches. This is not the time to reduce the budget for IT security and compliance", commented Roberta Bigliani, head of Europe, Middle East, and Africa IDC Energy Insights.
Of the top three information security threats perceived by oil and gas companies, the greatest is state or industrial espionage, followed by employee error or accidental loss of sensitive information, and vulnerabilities owing to insecure code, the survey found.
In addition, 55% of survey respondents indicated an expected increase in their information security budget over the next 12 months. Only 10% of the respondents indicated that they are using regulatory compliance as a requirement to justify budgets. In fact, almost 25% of respondents said that the regulatory environment was a barrier to ensuring information security More
