Information Security Gains Momentum in the Oil and Gas Industry as Over 50% of Companies Confirm Security Investments Are Important
Information Security Gains Momentum in the Oil and Gas Industry as Over 50% of Companies Confirm Security Investments Are Important
  • Korea IT Times (
  • 승인 2011.07.27 12:30
  • 댓글 0
이 기사를 공유합니다

In a recent IDC International Survey on security governance, risk, and compliance, IDC Energy Insights found that over 50% of respondents feel optimistic about information security investments. However, only half of the respondents' organizations have an official strategy in place to overcome potential information security threats. More insights are revealed in the report - Cybersecurity in Oil and Gas Grapples for Attention - Companies Show Good Momentum with Many Gaps to Fill, which sheds light on the fundamental issues around core security initiatives within oil and gas companies.

The report provides a combined analysis of two IDC surveys: IDC Energy Insights' International Survey on Security Governance, Risk, and Compliance and 2011 North American Vertical IT and Communications Survey. Survey results, along with secondary research and analyst expertise, provide the foundation for analysis and outline recommendations that will help oil and gas companies' IT executives to maximize the benefits of their investments in information security, minimize the risk of security breaches, while embracing new opportunities, such as cloud, social networking, and mobile devices.


Historically, oil and gas companies have been a capital-intensive business, but the industry is fast becoming more information-intensive, with information spanning wide timescales and locations. This transition is further propelled by an increase in the digital intensity owing to a progressive adoption of smart fields (or digital oilfields) technologies by the organizations.


The industry evolution towards integrated operations, connectivity, and an ensuing focus on risk as well as the rise in cybercrime and terrorist threats, has amplified the boundaries for cybersecurity initiatives in oil and gas companies. It is encouraging to see that oil and gas decision makers believe the role of information technology is changing from being seen a technology cost center to being part of organizations' strategic functions. The survey also highlights that of the top 3 security threats perceived by oil and gas companies, the greatest is state or industrial espionage, followed by employee error or accidental loss of sensitive information and vulnerabilities owing to insecure code.

Key findings from the survey reveal that:

  • Companies need to catch up on security policies. Oil and gas companies are still lagging behind an average cross-industry company in formulating security policies - and approving and executing them - as well as getting a strong buy in from senior management
  • Security budgets remain flat or below par. 55% of survey respondents indicated an expected increase in IT security budget over the next 12 months. In North America, spending on new solutions is even scantier, and only 29% of the respondents indicated an investment in new solutions.
  • Security investments are not compliance driven. Only 10% of the respondents indicated that they are using regulatory compliance as a requirement to justify budgets.
  • Tough regulatory compliance and threat sophistication are the biggest barriers. Almost 25% of respondents indicated regulatory environment as a barrier to ensuring security. In addition, 20% of respondents acknowledged the increasing threat landscape.

"Information security does matter for business; it is not just an IT operations concern," said Roberta Bigliani, head of Europe, Middle East, and Africa IDC Energy Insights. "In oil and gas companies, awareness of appropriate security policies and best practices is still not good enough. They need to be better prepared to prevent and manage security breaches. This is not the time to reduce the budget for IT security and compliance."

The report also includes a section describing results from a second survey of U.S. oil and gas companies revealing that while interest in security is improving in the U.S., it does not appear to be driving budgets. More than 31% of the respondents stated that security was a top IT initiative at their company in 2011, but only 12% of the respondents indicate that they are actually making investments to improve security and mitigate risk. "Software spending is increasing for client security solutions such as antivirus and antimalware. Investment in security appliance solutions such as firewalls and intrusion prevention remains low this year, as just 10% of the survey respondents indicate investing in them," said Usman Sindhu, senior research analyst, IDC Energy Insights.

source: IDC

삭제한 댓글은 다시 복구할 수 없습니다.
그래도 삭제하시겠습니까?
댓글 0
계정을 선택하시면 로그인·계정인증을 통해
댓글을 남기실 수 있습니다.

  • Korea IT Times: Copyright(C) 2004, Korea IT Times. .Allrights reserved.
  • #1206, 36-4 Yeouido-dong, Yeongdeungpo-gu, Seoul, Korea(Postal Code 07331)
  • 서울특별시 영등포구 여의도동 36-4 (국제금융로8길 34) / 오륜빌딩 1206호
  • * Mobile News:
  • * Internet news:
  • * Editorial Div. 02-578-0434 / 010-2442-9446 * PR Global/AD: 82-2-578-0678.
  • * IT Times Canada: Willow St. Vancouver BC
  • 070-7008-0005
  • * Email: