Deloitte Touche Tohmatsu   Deloitte Touche Tohmatsu
Global > Australia > News & research > Media releases    
Energy & resources sector: global security report by Deloitte throws up some surprises
Published: 01/8/08
Contact: Anna Brown
Deloitte
Media & Communications
+61 (0) 419 214 913

“Deloitte’s 2008 survey of information security practices across the energy and resources (E&R) sector globally provides key pointers for organisations seeking to ensure their information security does not constitute a source of either strategic or operational weakness, said Deloitte Global head of Security & Privacy Services, Adel Melek, in Sydney last week.

Two-thirds (67%) of the E&R organisations surveyed cited human error as the most significant root cause of security failure, ahead of either technology or operations. Yet almost one third (29%) of those surveyed did not provide employees with any training on information security or how to identify suspicious activities.

“For a sector so well versed in training its people this is a surprising omission, said Mr Melek, particularly as the need for security to remain a high priority is clear from the level of incident.

More than half the survey respondents (53%) had suffered an email attack in the last twelve months, with 44% experiencing repeated attacks.

Head of Deloitte’s Security & Privacy practice in Australia, Tommy Viljoen said, “Participation in the survey was heavily skewed towards the energy rather than resource end of the sector.

“What is surprising however is that little more than half (55%) of global survey respondents had a formal business continuity plan (BCP) in place.

“Moreover while 81% had some form of crisis management plan in place, only 27% had nominated crisis management teams or regularly tested their crisis management plans.

“We all know that practice makes perfect. The best-looking document in the world can contain significant holes which only become apparent through the crucible of testing, said Mr Viljoen.

Commenting further Mr Melek said, “Of course, having an online retail customer interface has been a secondary reason for utilities to be information security conscious. Globally the trend in information security attacks has been away from attacks on infrastructure to what has been perceived as a weaker link - web application security.

Tommy Viljoen
Deloitte
Leader, Security & Privacy Services
Tel: +61 (0) 2 9322 7713
Attachments
Energy & resources sector: global security report by Deloitte throws up some surprises (47 KB)
Deloitte media release

Contact us for more information about this topic.
 
Page Last Updated: 01 August 2008
Source: Deloitte Touche Tohmatsu - Australia (English)

Print This Page    Email To A Colleague
  Security | Legal | Privacy    

© 2008 Deloitte Touche Tohmatsu. All rights reserved.

Deloitte refers to one or more of Deloitte Touche Tohmatsu, a Swiss Verein, and its network of member firms, each of which is a legally separate and independent entity.  Please see www.deloitte.com/au/about for a detailed description of the legal structure of Deloitte Touche Tohmatsu and its member firms.

Liability limited by a scheme approved under Professional Standards Legislation.

Podcasts | RSS feeds