I always say that trust is not a control, and hope is not a strategy.
Portland, Oregon (PRWEB) September 22, 2014
Tripwire, Inc., a leading global provider of advanced threat, security and compliance solutions, today announced the results of a survey of 104 attendees at the EnergySec 10th Anniversary Security Summit in Austin, Texas from August 18-22, 2014.
Industry research shows most breaches go undiscovered for weeks, months or even longer. Despite this evidence, 66 percent of respondents were confident that they could detect a data breach on critical systems within a week:
- 23 percent said it would take less than 24 hours
- 24 percent said it would take less than 72 hours
- 19 percent said it would take less than a week
10 percent of respondents said data breach detection would take a month, 9 percent said it would take three months and 15 percent were not confident they could detect a breach.
“The survey results reflect a surprising optimism,” said Steven Parker, president of EnergySec, a non-profit organization formed to support organizations within the energy sector in securing their critical technology infrastructures. “Attack detection is a critical capability, and I think there is much more work to be done in this area than most organizations realize.”
According to the Mandiant 2014 M-Trends® 2014: Beyond the Breach threat report, the average time required to detect breaches is 229 days. The report also states that the number of firms that detected their own breaches dropped from 37 percent in 2012 to 33 percent in 2013.
“I always say that trust is not a control, and hope is not a strategy,” said Dwayne Melancon, chief technology officer for Tripwire. “Unfortunately, this data suggests that a lot of energy security professionals are far too hopeful about their own cybersecurity capabilities.”
For more information about Tripwire energy and utility cybersecurity solutions, please visit: http://www.tripwire.com/it-industry/energy-and-utilities-security/.
Tripwire is a leading provider of advanced threat, security and compliance solutions that enable enterprises, service providers and government agencies to confidently detect, prevent and respond to cybersecurity threats. Tripwire solutions are based on high-fidelity asset visibility and deep endpoint intelligence combined with business-context and enable security automation through enterprise integration. Tripwire’s portfolio of enterprise-class security solutions includes configuration and policy management, file integrity monitoring, vulnerability management and log intelligence.