TIP: Click on subject to list as thread! ANSI
echo: politics
to: All
from: Mike Powell
date: 2024-12-12 10:44:00
subject: The US energy sector is b
The US energy sector is being put at risk by critical third-party
vulnerabilities

Date:
Wed, 11 Dec 2024 22:03:00 +0000

Description:
Interconnected nature of energy sector makes it particularly susceptible to
cyberattacks.

FULL STORY

New research has claimed significant vulnerabilities are plaguing the US
energy sector - with a worrying amount stemming from third-party weaknesses. 

A recent report by SecurityScorecard and KPMG based on a survey of the 250
largest US energy companies claims third-party risks account for 45% of
breaches, with 67% of breaches in this sector linked to software and IT
vendors. 

The data shows the US energy sector has a critical reliance on third-party
services for cybersecurity.

Escalating cybersecurity threats 

The report also highlights a notable disparity between oil and gas companies
and their renewable energy counterparts. Oil and gas companies generally 
score better in cybersecurity, with many earning an A rating, reflecting 
their relative strength in addressing cyber threats. In contrast, renewable
energy firms lag behind, receiving an average score of B." 

The interconnected nature of renewable energy systems, such as smart grids 
and solar or wind power installations, makes them particularly vulnerable to
cyberattacks, with the report suggesting that addressing these 
vulnerabilities should be a priority for the sector. 

In the energy sector, most cybersecurity vulnerabilities are concentrated in
three key areas - application security, network security, and DNS health -
with 92% of companies having their lowest scores in these risk categories. 

US critical infrastructure has already been subject to a number of attacks
from Russia , China , and Iran , highlighting the need for improved 
resilience against vulnerabilities and better protection for exposed
endpoints. 

The energy sector's growing dependence on third-party vendors highlights a
critical vulnerability  its security is only as strong as its weakest link,"
noted Ryan Sherstobitoff, Senior Vice President of Threat Research and
Intelligence at SecurityScorecard. 

"Our research shows that this rising reliance poses significant risks. Its
time for the industry to take decisive action and strengthen cybersecurity
measures before a breach turns into a national emergency."

======================================================================
Link to news story:
https://www.techradar.com/pro/The-US-energy-sector-is-being-put-at-risk-by-cri
tical-third-party-vulnerabilities

$$
--- SBBSecho 3.20-Linux
* Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)
SOURCE: echomail via QWK@pharcyde.org

Email questions or comments to sysop@ipingthereforeiam.com
All parts of this website painstakingly hand-crafted in the U.S.A.!
IPTIA BBS/MUD/Terminal/Game Server List, © 2025 IPTIA Consulting™.