This IDC Energy Insights report provides an analysis of security, risk, and compliance practices among the utility companies. The report focuses on the progress that utility IT, operations, and security professionals have made toward implementing security and compliance practices. Security professionals in both IT and operations groups are revamping their efforts around cybersecurity, risk management, and compliance. However, they find themselves constantly in need of retooling their efforts to stay abreast with compliance requirements, internal company mandates, and external threat landscape. The report highlights guidelines that will help personnel responsible for information security raise awareness and create building blocks for the security culture among their companies.
"There is a lack of common process and procedure across IT and operations groups," says Usman Sindhu, senior research analyst, Utilities and Oil and Gas, IDC Energy Insights. "Security professionals are constantly occupied in managing compliance and protecting infrastructure from external threats. However, they're gradually paying attention on the culture of security that is built upon metrics and measuring progress."