This page contains a Flash digital edition of a book.
FOCUS 17


by network connectivity and remote access now used in operations. Given the fact that the majority of oil and gas production is controlled by a relatively small number of organisations, the impact of disruption of this kind is heightened further.


There are already many examples of countries using cyber-espionage to benefi t their national companies, and given that this has been seen to be successful, many analysts will see the use of cyber-espionage spreading. Last year’s attack on the world’s largest exporter of crude, Saudi Aramco, highlighted the potential impact a virus could have had on global hydrocarbon markets. More than 30,000 computers were compromised or affected. The attack on Aramco points to an escalation in cyber-attacks, with the adversaries constantly upping their game in a cyber arms race.


Fighting back


Fundamentally, boards need to be on the front foot and devise a robust strategy to combat cyber-crime, with a focus on creating better agility and providing the capabilities needed to counter threats as they evolve.


The reality is that many businesses have a long way to go in catching up with the hackers. Inevitably, as cyber-attacks on the Oil & Gas industry increase, it is estimated it will spur a signifi cant investment in cyber-security by 2018, including spending on IT networks, industrial


Malcolm Marshall Partner, Head of Information Protection and Business Resilience, KPMG Tel:+44 (0)20 73115456 malcolm.marshall@kpmg.co.uk


Wil Rockall Information Protection practice, KPMG Tel:+44 (0)20 73111532 wil.rockall@kpmg.co.uk


control systems and data security; counter measures; and policies and procedures.


Many businesses in the sector are taking this issue seriously and making signifi cant investments strategically and fi nancially, trying to stay ahead of the criminals. KPMG has helped fi rms transform their information risk and IT security functions to deal with the new world. We have discouraged the ‘whack-a-mole’ approach to tackling security fl aws in favour of a more forward-thinking method.


Those who do not act now and invest to transform how their IT infrastructure is secured and managed could be taking a signifi cant risk with the value of their businesses.


In its analysis of the state of security in 2,000 top private businesses around the world, KPMG’s Publish And Be Damned, Cyber Vulnerability Index 2012 reveals that across the sample group (with combined assets of over US$31 trillion), rudimentary methods of accessing public data could glean an average of 210 usernames, 52 network folders and 171 email addresses at a business.


“ © 2013 KPMG LLP, a UK limited liability partnership, is a subsidiary of KPMG Europe LLP and a member fi rm of the KPMG network of independent member fi rms affi liated with KPMG International Cooperative, a Swiss entity. All rights reserved. “


BOARDS NEED TO BE ON THE FRONT FOOT AND DEVISE A ROBUST STRATEGY TO COMBAT CYBER- CRIME, WITH A FOCUS ON CREATING BETTER AGILITY AND PROVIDING THE CAPABILITIES NEEDED TO COUNTER THREATS AS THEY EVOLVE.


BACK TO CONTENTS


CYBER


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29