According to Marsh, a global leader in insurance broking and innovative risk management solutions, energy executives are increasingly concerned about the impact of cyber-attacks on their operations. Over three-quarters (76%) of respondents to a Marsh survey cited business interruption (BI) as the most concerning consequence of a cyber-attack for the energy industry.
Marsh’s report, Could Energy Industry Dynamics Be Creating an Impending Cyber Storm?, is released today at Marsh’s bi-annual Energy Industry Conference in Dubai. The report, which draws on findings from the Marsh-Microsoft Global Cyber Risk Perception Survey, looks at the most concerning cyber loss scenarios for energy executives, the industry’s understanding of cyber exposures, and how organisations plan to manage these risks in the future.
Key findings of the report include:
- 76% of energy executives cited BI as the most impactful cyber loss scenario for their organisation, highlighting not only the growing threat cyber risk presents for the energy industry, but also the heightened risk any BI event could have on production and revenues.
- Despite more than half of energy executives naming cyber as a top-five risk, 54% of energy executives have not quantified or did not know what their worst possible loss exposures could be.
- 26% of energy executives surveyed said they were aware that their company had been victim to a successful cyber-attack in the past 12 months.
- The energy industry plans to invest more in cyber risk management, with 77% of energy executives surveyed saying their organisations will increase levels of investment in cyber risk management, while 26% plan to purchase or increase their cyber insurance.
Andrew Herring, Energy and Power Practice Leader, Europe, the Middle East and Africa, Marsh, commented: “As the energy industry relies more on interconnectivity as a result of greater digitalisation, the potential for cyber-attacks to cause severe disruption to operations, loss of data, and, consequently, high financial losses, should be a key concern for energy executives.
“While it is encouraging that three-quarters of respondents plan more investment in cyber risk management, it is worrying that over half questioned have yet to quantify their exposures. For those firms that have not put plans in place to mitigate and manage attacks or have not measured their cyber exposure, now is the time to take steps to be prepared for the impact an attack could have on their operations and systems.”