The UK energy industry spends around £265m a year to protect itself against data breaches and system outages.
Yet 94 per cent of the sector has seen an increase in the number of breaches over the last five years, with 30 per cent having battled an online security breach in the past 12 months,
These are the key findings of research from cybersecurity company AVORD, which this week has launched a new security testing platform.
Brian Harrison, founder and chief executive of AVORD, said the findings “put the spotlight firmly on the security testing market, which is dominated by consultancies who provide services to businesses, sometimes at twice the daily rate of an independent tester – often referred to as ethical hackers. With 74 per cent of UK businesses claiming the cost of testing is too expensive, there is a clear demand for change.”
Harrison said nine out of 10 energy companies currently outsource the security testing on their critical assets and added that the need to use consultancies is being driven by a skills shortage, with 86 per cent of 400 businesses polled by AVORD revealing that they don’t fully possess the in-house, employee skills and knowledge to carry out security testing.
“Quite simply, security testing has become too expensive for many UK businesses,” said Harrison. “Companies are struggling to cope with the ever-increasing threats impacting on their attempts to secure systems at current costs. Unless something changes, businesses will be forced to cut corners, and this will inevitably mean there are more data breaches and system outages.
He said the free to use AVORD platform “has been designed to disrupt the current security testing model by cutting out the costly ‘middle-man’ consultancies and allows businesses to directly manage and engage security testers”.
“This means that whereas industry currently pays up to £1100 per day for cybersecurity testing, that cost will be reduced to approximately £600, collectively saving UK businesses around £3bn annually.”
Harrison said that AVORD’s research found that over the past five years, the majority of companies have seen a major increase in the number of data breaches: one in five reported an increase of between 11 per cent and 20 per cent, while more than a half reported up to 10 per cent more data breaches. Of those hit by a cyberattack, 100 per cent reported that the breach occurred partly as a result of issues with the security testing process.
And he added that the impact of breaches in the past 12 months has been widespread, with 93 per cent reporting a loss of customers. Two thirds of those surveyed were hit by fines from regulators, while four in five suffered from reputational damage.