A survey of 200 leaders from the critical infrastructure industries revealed that the energy sector is the most likely to be victim of a cyber attack. The survey was completed by IDC was conducted in August and October in Canada, the U.S and Europe.
The reasons to explain this phenomenon are the cost, apathy and government bureaucracy according to the survey. Also, industries are adding more and more possible access points to the internal network by connecting new sensors, meters and other equipment to their networks.
Of course, energy industries networks are valuable targets, and would probably be the first victims in a case of a full-scale cyber attack. And as the events of 2003 shown, only a few power plants need to go down in order to create chaos on a wide region.
If costs are the main factor to wait before securing networks, security is not likely to be in the priorities of managers during the economic crisis that’s coming on the horizon. Unfortunately, those who take the risk of not hardening their security now may pay the price later…And according to Rick Nicholson, research vice president for IDC’s Energy Insights:
“Most utility CIOs [chief information officers] believe that their companies will be compliant with relevant standards, but still have a long way to go before being adequately prepared for all cyber attacks.”
 “Survey: Critical infrastructure risks cyber attack”, Miya Knights, IT PRO, November 10, 2008, http://www.itpro.co.uk/608067/survey-critical-infrastructure-risks-cyber-attack (accessed on November 11, 2008)
 “Energy industry at risk of cyberattack, survey says”, Elinor Mills, November 11, 2008, http://news.cnet.com/8301-1009_3-10094382-83.html?part=rss&tag=feed&subj=News-Security (accessed on November 11, 2008)