Unisys Corporation recently sponsored a survey by the Ponemon Institute of 599 security executives of critical infrastructure providers. The top three functions of the respondents were chief information officer, business operations leader and IT security leader.

According to the report, the research was conducted “to learn how utility, oil and gas, alternate energy and manufacturing organizations are addressing cyber security threats. These industries have become a high profile target for security exploits.”

The survey found that almost 70 percent of the businesses surveyed had experienced a major security breach within the last year. 64 percent said they were expecting at least one serious security attack in the future.

The top five targets for the attacks included: databases; desktops, laptops, smartphones and tablets; cloud-based systems; servers; and industrial control systems.

A key finding was that most companies are not thoroughly utilizing their IT security programs. 72 percent of respondents did not list security as one of their top five strategic priorities across the enterprise. Also, most of the companies (43 percent) are in the middle stage of security maturity levels, meaning “IT security program activities are defined but only partially deployed.”

Unisys believes that critical infrastructure organizations are not fully prepared to combat cyber security attacks. According to the report, “Energy, utilities, industrial and chemical manufacturing companies are prime targets, especially to attackers that are financed by unfriendly nation-states or criminal organizations.”

The report concludes by providing suggestions to improve critical infrastructure security.

Read the full report here.

[ photo courtesy of Unisys ]