The energy industry is one of the top 10 industries targeted for cyberattacks. Increased use of automation systems and the migration of sensitive information to the cloud has helped oil and gas companies become more connected and competitive but these new technologies have also opened the door to cyber criminals looking to exploit gaps in security.
Attacks can take the form of malware, ransomware, infrastructure sabotage and data espionage. Companies using industrial control systems (ICS), supervisory control and data acquisition (SCADA) systems, or ’smart’ devices are vulnerable. For example, an employee, or even a vendor, can click on one phishing email and unknowingly allow a bad actor access to an organization’s network. Once a criminal accesses one computer in your network, they will attempt to move laterally to increase the damage which can include plant shutdowns, undetected spills, damage to automated equipment and bodily injury.
One of the strongest lines of defense is to train employees to recognize phishing attempts. The cyber liability partners we work with offer free cyber risk assessments and trainings for businesses to identify and prevent cyber incidents. Whether the motivation is corporate espionage, political or monetary, the results of a cyberattack can be hugely disruptive and costly to an organization.
The AssuredPartners Energy team works with our cyber insurance carriers to identify possible threats to energy businesses and put appropriate coverages in place. Cyber policies can cover stolen funds, lost business income, breach response costs, cyber extortion, reputation repair and more. Contact our energy professionals for assistance with evaluating your inherent risk tolerance, and to work in partnership to create the insurance program best suited for your specific needs.