14 DAY TRIAL // Companies are not always fully aware of the governmental Critical Infrastructure Protection programs and those who are aware are not so willing to cooperate.
The Critical Infrastructure Protection Survey released by Symantec for 2011 reveals that compared to 2010, when 56% of companies were engaged in such programs, this year only 37% have anything to do with these activities.
Numbers show that worldwide more than 40% of businesses have no opinion or they're neutral to the CIP programs, the lack of interest resulting in a dropped readiness level in front of cyber threats.
When asked if their countries included their sectors in the CIP plans, half answered positively and 20% said 'no'. Other figures show that while close to half have a good opinion on the government's plans, more than 70% claim they will get involved in such programs only for a year and only 29% want to get in on the ride for a longer period.
The paper also includes a set of guidelines that should help businesses make sure their networks are prepared to withstand attacks coming from the online environment.
“The findings of this survey are somewhat alarming, given recent attacks like Nitro and Duqu that have targeted critical infrastructure providers,” said Dean Turner, director, Global Intelligence Network for Symantec.
“Having said that, limitations on manpower and resources as mentioned by respondents help explain why critical infrastructure providers have had to prioritize and focus their efforts on more day-to-day cyber threats. However, we think that targeted attacks against critical infrastructure providers in the form of Stuxnet, Nitro and Duqu will continue,” Turner added.
“Businesses and governments around the world should be very aggressive in their efforts to promote and coordinate protection of critical industry cyber networks. These latest attacks are likely just the beginning of more targeted attacks directed at critical infrastructure.”