According to a new Cyber Threat Ranking Table from Hiscox, built from a global study on cyber readiness, energy companies in the UK were among the most likely to experience one or more cyber incidents over the last 12 months.
This finding comes despite 84% of energy firms having a dedicated cyber security role. However, only 68% have a cyber insurance policy, and the mean budget allocated to cyber security within the sector was 10% less than the national average.
Conversely, the professional services sector, which includes lawyers, accountants and consultants, proved to be the most cyber-ready, receiving the lowest risk score overall, reporting the least cyber events and being among the most able industries to measure cyber impact.
In addition, the Cyber Threat Ranking Table includes cyber risk based on company size, with the biggest UK companies experiencing the most substantial losses due to cyber incidents, a median cost of over £270,000 in the past year.
Risk was also associated with a comparatively low cyber security budget and the highest record of cyber incidents.
Despite relatively high risk scores being received by some industries, the overall results from this year’s Hiscox Cyber Readiness Report showed a marked improvement compared to previous years, with sectors achieving ‘expert’ status almost doubling from 10% to 18%.
War of the AI algorithms: the next evolution of cyber attacks
Stephen Ridley, cyber underwriting manager at Hiscox UK, said: “While firms appear to be upping their game when it comes to cyber security at a global level, this is by no means uniform across sectors or countries.
“The UK energy sector currently appears to be among the most vulnerable which, given the growing intensity of criminal activity across the globe, is a great concern.
“The high risk score associated with businesses in this sector highlights the importance of on-going investment in cyber defences to help minimise vulnerability and improve overall cyber security resilience.”
Hiscox’s 2020 Cyber Readiness Report, in its fourth year, surveyed 5,569 professionals that are responsible for their organisation’s cyber security strategy, from across the UK, US and Europe.
Sector risk scores in full (highest to lowest)
Food and Drink: 42
Business Services: 41
Government and Non-Profit: 41
Financial Services: 39
Pharma and Healthcare: 38
Travel and Leisure: 38
Retail and Wholesale: 36
Technology, Media and Communications: 36
Transport and Distribution: 36
Professional Services: 30