Muscat: Energy executives are increasingly concerned about the impact of cyber-attacks on their operations, according to a new report released on Tuesday in Dubai.
Over three-quarters (76 per cent) of respondents to a Marsh survey cited business interruption (BI) as the most concerning consequence of a cyber-attack for the energy industry.
Marsh, a global leader in insurance broking and innovative risk management solutions, report, Could Energy Industry Dynamics Be Creating an Impending Cyber Storm?, was released at Marsh’s bi-annual Energy Industry Conference in Dubai. The report, which draws on findings from the Marsh-Microsoft Global Cyber Risk Perception Survey, looks at the most concerning cyber loss scenarios for energy executives, the industry’s understanding of cyber exposures, and how organisations plan to manage these risks in the future.
The report says that 76 per cent of energy executives cited BI as the most impactful cyber loss scenario for their organisation, highlighting not only the growing threat cyber risk presents for the energy industry, but also the heightened risk any BI event could have on production and revenues.
Despite more than half of energy executives naming cyber as a top-five risk, 54 per cent of energy executives have not quantified or did not know what their worst possible loss exposures could be.
The report further states that 26 per cent of energy executives surveyed said they were aware that their company had been victim to a successful cyber-attack in the past 12 months.
The energy industry plans to invest more in cyber risk management, with 77 per cent of energy executives surveyed saying their organisations will increase levels of investment in cyber risk management, while 26 per cent plan to purchase or increase their cyber insurance, the report said.
“As the energy industry relies more on interconnectivity as a result of greater digitalisation, the potential for cyber-attacks to cause severe disruption to operations, loss of data, and, consequently, high financial losses, should be a key concern for energy executives,” Andrew Herring, energy and power practice leader, Europe, the Middle East and Africa, Marsh, said.
“While it is encouraging that three-quarters of respondents plan more investment in cyber risk management, it is worrying that over half questioned have yet to quantify their exposures. For those firms that have not put plans in place to mitigate and manage attacks or have not measured their cyber exposure, now is the time to take steps to be prepared for the impact an attack could have on their operations and systems,” he added.