Methods and Practices: Understanding the Key Metrics of a Successful Security Culture
|Document Type||Methods and Practices|
|Number of Pages||11|
|Number of Figures||2|
This IDC Energy Insights report provides an analysis of the cybersecurity and information security practices in oil and gas companies. The report focuses on the overarching concerns of IT and operations professionals relating to the implementation of security and risk practices. The oil and gas industry is on the cusp of an evolving cybersecurity and information security culture. The emerging threats are targeting oil and gas companies' intellectual information and control system weaknesses. In addition, policy makers are pursuing granular cybersecurity controls toward critical infrastructure companies, such as oil and gas companies, to increase information sharing with federal entities. The evolving risks and tightening controls from federal entities mean that security professionals have to create a culture that measures the progress of security and risk practices.
"IT and control system groups work in silos," says Usman Sindhu, senior research analyst, Utilities and Oil and Gas, IDC Energy Insights. "Oil and gas professionals are busy tackling security issues for emerging threats; however, they need to improve the processes around incident and event management. In addition, companies are just starting to discuss how security progress can be measured based on metrics such as number of incidents, control system failure, intrusion attempts, and patching failures."
Our records show that you do not have access to this document.