The report found that there seems to be a disconnect between the attitudes of C-level executives and those involved in day-to-day IT security. Almost three-quarters of IT security executives said IT security is not understood or appreciated by their executive management team. Says Larry Ponemon, founder of the Ponemon Institute, which carried out the study:
These results show that energy and utilities organizations are struggling to identify the relevant issues that are plaguing their company from a security perspective. They have to bridge the gap between operations and IT, and make IT security a top priority within the organization.
The study indicates that malicious insiders were the number one cause of data breaches. More shocking, however, is that 67 percent of respondents indicated that they are not using "state-of-the-art" technologies to cut risks to SCADA networks. SCADA system security risks have become a hot topic since the discovery of the Stuxnet worm, which was thought to have targeted specific nuclear plants in Iran.