For nearly 20 years, IBM has had its finger on the pulse of cybersecurity. Annually, they deliver one of the industry’s preeminent studies on the subject. Released recently for the 17th straight year, the Cost of a Data Breach Report is a widely viewed asset by company leaders across various sectors, including energy and utilities. While those sectors don’t come to mind when thinking of cyberattacks, energy actually ranked fifth in the 2021 report’s ranking. The averages total cost of a data breach by industry is down from last year’s second position.

Despite that positive momentum, cybersecurity remains an ongoing and serious threat that utilities must strategically navigate. Today, we’re exploring data breaches to further explain some of the most pressing risks and challenges that face the energy and utility industries today. Also, reviewing what a negative outcome could cost the company.

What is a data breach?

One of the world’s most trusted digital security companies, Norton, has a very simple answer for the question, what is a data breach: “A data breach is a security incident in which information is accessed without authorization.” There are a variety of different types of information that fraudsters can access as part of a data breach, with each having unique ramifications and concerns for the utility.

Related: With Cybersecurity Scrutiny Increasing, Software is the Best

In some cases, involving a solar power utility, fraudsters accessing sensitive information can result in disruptions to business operations. As the Office of Energy Efficiency & Renewable Energy writes, “hackers breached a utility’s web-portal firewall, causing operators to lose visibility of parts of the grid intermittently for 10 hours.” And for utilities that house hundreds of thousands of customers’ private details under lock and key, the risk of a breach involving that data can also severely damage its reputation.

Related: The Intersection of Cybersecurity and the Utility Industry

Cybersecurity risks and challenges facing utilities today

Many of the concerns for utilities regarding cybersecurity and data breaches aren’t unlike those faced by companies in other industries. According to a Verizon report cited by SecurityIntelligence, the types of data most often stolen, lost, or rendered inaccessible by ransomware are login credentials, internal company data, and personal data of employees and customers. Of those attacks, 98% were external threats.

Related: Five Top Tips for Utilities’ Disaster Readiness Planning

Like a lot of companies in other industries, some utilities have also pivoted to allow back-office employees to telecommute. Despite their best efforts to mitigate risks with policies and procedures, there will always be inherent cybersecurity risks.

Related: Introducing Cyber Safety Habits to Your Organization

What can a data breach cost a utility?

The industry as a whole is trending in the right direction when it comes to cybersecurity and preventing data breaches. On the IBM list of total costs for a data breach by industry, the energy sector also saw its average cost fall dramatically. In addition to going from second place on the list to fifth, that number fell from $6.39 million in 2020 to $4.65 million in 2021, a 27.2% decrease.

Related: Data Security Through Software Vendors

Data breaches can cost utilities millions of dollars in lost customer data. fined millions of dollars for losing control of thousands of pieces of information. In high-profile cases, utilities may be forced to dole out millions in ransom just to restore service.

Utilities must find partners that focus on security

EnSight+ offers customizable field service software that helps utilities find efficiencies and be more effective. All within a safe and secure platform. We recognize the importance of cybersecurity, and help utilities safeguard their networks. Contact us today to learn more about our experience thwarting data breaches and cybersecurity threats.

plus-orange-overlay

Multiple field workers. Multiple tasks. Multiple vehicles. One simple piece of software

All monitored by you, in real time. Are you ready to take control?

  • We will never sell or distribute your personal information.
  • This field is for validation purposes and should be left unchanged.