The Middle East oil and gas companies are at the risk of a breach coming from circumstances outside of their control and their security measures require a boost as industrial cyber risk intensifies, according to a recent study.
The survey of Middle East field personnel and executives responsible for securing or overseeing cyber risk was conducted by Siemens and Ponemon Institute. Siemens will release the full study in February.
A significant theme from the research is the view that cyber risk has become greater in companies’ operational technology (OT) than in their informational technology (IT) environment.
In fact, industry research confirms that OT has become a growing target, now comprising 30 per cent of all cyberattacks. In the Middle East region alone, 50 per cent of all cyberattacks are directed against the oil and gas industry. These attacks have a major impact on productivity, uptime, efficiency and safety.
A total of 60 per cent of all cyber breaches in the region stem from malicious actors rather than human error, revealed the study.
Many of these are increasingly sophisticated state-sponsored cyberattacks that create an especially heightened risk profile. Another takeaway from the study showed that 19 per cent of the region’s oil and gas companies rated themselves as relatively slow in implementing adequate cyber security measures, compared with 13 per cent in the rest of the world.
Similarly, only 17 per cent saw themselves as leaders, compared to 22 per cent among global counterparts.
Leo Simonovich, vice president and global head, Industrial Cyber at Siemens, said: “Today’s accelerating digitalisation, the convergence of IT and OT, more frequent and sophisticated cyberattacks, and an energy sector in the crosshairs, led Siemens and the Ponemon Institute to delve into the cyber readiness of the oil and gas industry.”
“Attackers have identified this convergence of IT and OT as a key opportunity to penetrate an organisation. As a result, an emerging trend of cyberattacks is designed to disrupt physical devices or processes used in operations. In a digital environment, industrial cyber is the new risk frontier,” he added.
The Middle East-focused study is a follow-up to a similar report conducted by Ponemon Institute earlier this year, examining the US oil and gas industry.
That report revealed that nearly 70 per cent of US oil and gas cyber managers said their operations had experienced at least one security compromise within the past year, resulting in the loss of confidential information and OT disruption. – TradeArabia News Service