The UK energy sector is the most at risk of experiencing cyber incidents, according to a new threat table built from a global study on cyber readiness.
The sector saw a median loss of over £100,000 ($150,000) in the last 12 months on cyber events, having been impacted by phishing and virus infestation attempts. Out of the 15 sectors included in the analysis, energy was one of the industries most likely to experience one or more cyber events over the past year, despite 84% of firms having a dedicated cyber security role.
The findings are part of Hiscox’s Cyber Threat Ranking Table, which uses data from the insurer’s 2020 Hiscox Cyber Readiness Report, now in its fourth year, to rate the comparative cyber risk levels of a range of sectors, from a representative sample of 1,039 UK businesses.
Cyber protection was a key factor when it came to identifying the level of risk for the sector, with only 68% of firms in the energy sector having a cyber insurance policy. The mean budget allocated to cyber security was also 10% less than the UK average.
The professional services sector, which includes lawyers, accountants and consultants, proved to be the most cyber-ready, receiving the lowest risk score overall. Businesses in the industry reported the least amount of cyber events and were among the sectors most able to measure cyber impact.
The Cyber Threat Ranking Table also includes cyber risk based on company size. The biggest UK companies experienced the highest losses on cyber incidents, with a median cost of more than £270,000 ($360,000) in the last 12 months. Risk was also associated with a comparatively low cyber security budget and the highest record of cyber incidents.
Despite some industries receiving relatively high threat ranking scores in the UK, the overall results from this year’s Hiscox Cyber Readiness Report showed a marked improvement (in comparison to previous years) in relation to cyber security readiness with the sectors achieving ‘expert’ status nearly doubling – from 10% to 18%.
Sector risk scores (highest to lowest risk)
- Energy (45)
- Food and Drink (42)
- Business Services (41)
- Government and Non-Profit (41)
- Financial Services (39)
- Pharma and Healthcare (38)
- Travel and Leisure (38)
- Manufacturing (37)
- Retail and Wholesale (36)
- Technology, Media and Communications (36)
- Transport and Distribution (36)
- Property (35)
- Construction (33)
- Professional Services (30)
Hiscox’s Cyber Threat Ranking Table can be found at the following URL: https://www.hiscox.co.uk/cyberreadiness
Stephen Ridley, Hiscox UK Cyber Underwriting Manager, commented: “While firms appear to be upping their game when it comes to cyber security at a global level, this is by no means uniform across sectors or countries. The UK energy sector currently appears to be among the most vulnerable which, given the growing intensity of criminal activity across the globe, is a great concern. The high risk score associated with businesses in this sector highlights the importance of on-going investment in cyber defences to help minimise vulnerability and improve overall cyber security resilience.”