Many upstream oil and gas organizations invested in cybersecurity last year in an effort to improve their threat detection and prevention capabilities, according to a survey conducted by professional services company Accenture.
The survey, conducted in the spring of 2019, included responses from 255 individuals in 47 countries. Respondents included executives, managers, IT professionals and engineers from national and international oil companies, independent oil firms, and oilfield services providers.
The results, published by Accenture this week, show that 61% of respondents invested in cybersecurity in 2019, more than any other digital technologies. This is significantly higher than in 2017, when only 12% of respondents said they had been investing in cybersecurity.
When asked about the digital technologies their organization had been planning on investing in over the next 3-5 years, only 35% cited cybersecurity, which is still an improvement compared to 2017, when 24% said they had planned on investing in cybersecurity in the long term.
Cybersecurity was also the top response, cited by 16% of respondents, as the digital technology driving the greatest impact in terms of business performance, up from 9% in 2017.
Back in 2017, when asked about the biggest risk to their business from a lack of digital investments, 18% cited increased vulnerability to cyberattacks. In 2019, however, only 5% were most concerned about cyberattacks.
Accenture believes this is a result of increased investment in cybersecurity, and that it also explains why only 35% of respondents said their organizations plan on investing in cybersecurity in the long term.
“As oil companies’ operations come under increasing threat, cyber resilience becomes more important to stakeholders, consumers and government,” said Rich Holsman, a managing director at Accenture. “Managing attacks isn’t just a matter of protecting reputation, share price and operations, but it’s part of a greater responsibility for national services and security. Upstream businesses must continue to invest thoughtfully and substantially in cybersecurity measures, as they often underestimate their exposure to such attacks, which are also increasing in technical complexity.”