State of IT Security: Study of Utilities & Energy Companies
"The purpose of this research is to better understand how US government departments, agencies and enterprise organizations determine their state of readiness to a plethora of information security, data protection and
privacy risks. The study focuses on the people, process and technologies these organizations deploy to maintain a high level of vigilance.
A total of 291 IT and IT security practitioners in utilities and energy companies with an average of 11 years of experience participated in this study. The work of participants in our study involves securing the organization's information assets, enterprise systems or critical infrastructure. They also have some level of familiarity with NERC, FERC and CIP standards on the protection of cyber assets and the critical infrastructure."
