In short, if you have something to sell or process data, then you have something to steal.
Energy suppliers process and utilise a vast wealth of data that is appealing to cybercriminals. The personal details of customers and their financial information are tempting targets for hackers.
Technology is playing an ever increasing role in the running of energy supply companies with virtually all utilising customer service and electronic billing systems. The increase in connectivity has created more attack vectors and in turn raised the threats faced.
According to the new Cyber Threat Ranking Table, the energy sector experienced median losses of over £100,000 within the last year and topped the table for the sectors most at risk.
The report shows that 84% of energy suppliers have a dedicated cybersecurity role in place but only 68% have a cyber insurance policy and the average budget allocated to security is 10% less than the national average seen in other sectors.
Often, a lower cybersecurity budget correlates with a higher number of security incidents.
Smaller energy suppliers are more likely to be attacked as hackers tend to seek out what they deem to be easy prey. A common issue found in cybersecurity is that smaller businesses think that their size will mean that will slip under the radar of criminals who they believe will want larger prizes. In reality, the opposite of that is true as hackers tend to seek out the easiest targets possible.
The Covid-19 pandemic has also increased the risk on energy suppliers as many have been forced to either furlough their staff or move to a working from home model which in itself raises a whole host of cybersecurity issues.
Companies are also more likely to understandably be focusing on other issues and could be putting the cyber risks on the back burner leaving them vulnerable.
Also read: Elexon hit by Cyber Attack
“While firms appear to be upping their game when it comes to cybersecurity at a global level, this is by no means uniform across sectors or countries.
The UK energy sector currently appears to be among the most vulnerable which, giving the growing intensity of criminal activity across the globe is a great concern. The high risk score associated with businesses in this sector highlights the importance of on going investment in cyber defences to help minimise vulnerability and improve overall cybersecurity resilience,” said Stephen Ridley, cyber underwriting manager at Hiscox UK.
Effective cybersecurity doesn’t have to be overly expensive and the risks can be reduced by implementing some basic steps. These include -
There’s some excellent advice provided by the NCSC - https://www.ncsc.gov.uk/collection/10-steps-to-cyber-security/the-10-steps
Dyball Associates are proud to help new supply businesses successfully launch in the UK market.
Through our energy market consultancy services, and the software we’ve developed, we’re supporting new UK electricity and gas suppliers get set up and start supplying.
For more information on how to start and manage an energy company, get in touch with Dyball Associates today.