Standard content for Members only
To continue reading this article, please login to your Utility Week account, Start 14 day trial or Become a member.
If your organisation already has a corporate membership and you haven’t activated it simply follow the register link below. Check here.
More than half of UK firms said they would switch provider in the event of a security breach
Almost two thirds (65 per cent) of UK businesses are “significantly concerned” about the cyber risks associated with smart energy technology, a survey has found.
The latest B2B energy survey by consultants PwC also reveals more than half (51 per cent) of British firms are worried their client data is not being handled security enough by their energy supplier.
And according to the survey, three in five (57 per cent) of businesses said they would switch supplier if their current provider fell victim to a breach of cyber security.
“Against a backdrop of technology innovation, privacy regulation, and the growing adoption of the Internet of Things, it’s perhaps not surprising that UK businesses are concerned about cyber threats – finding that is mirrored in our recent chief executive survey, where cyber ranked as a higher threat than the speed of technological change,” said PwC’s power and utilities leader, Steve Jennings.
“With cybercriminals able to turn off the supply tap, as well as monetise data from energy firm’s customer and employee digital records, the risk is clear and cannot be ignored.”
Demonstrating the enormity of these risks, PwC and BAE Systems recently uncovered a global hacking group (APT10) which was targeting providers of managed outsourced IT services.
This provided a route into their customers’ organisations around the world and gained them unprecedented access to intellectual property and sensitive data.
According to PwC cyber specialist Niko Kalfigkopoulos there are a number of steps smart energy suppliers can take security and give their customers’ much-needed reassurance that their data and security of supply is protected.
These include:
● Reviewing incident response capabilities and how data breaches are managed, particularly in light of the incoming General Data Protection Regulation requirements for timely reporting of data privacy incidents.
● For cloud services, suppliers should seek provide third party assurance over the service provider they use to ensure they are effectively managing the risks to customer data.
● Customer privacy must be prioritised and transparent; strategies for privacy by design and communication to the general public of how they are managing customer data are required.
● Suppliers should push for a form of industry standard product assurance, which would allow them to label their devices as ‘approved’ and reduce their exposure to being left at fault if the customer adds ‘unapproved’ devices to their network.
“With around a third of industrials and over a fifth of commercial organisations planning to spend more than £1m on smart energy technology, the need for utilities – and smart technology suppliers in general – to get their cyber house in order is vital,” said Kalfigkopoulos.
“This will not only help them in defending their own internal systems, it will also help improve the security of their connected home and smart technology offerings.”
Please login or Register to leave a comment.