ACCORDING to SecurityScorecard, 90% of the world’s top energy companies suffered third-party data breaches over the last year, underscoring how dependence on external vendors is expanding the attack surface. The 2023 industry recap notes 264 reported breaches in the energy sector linked to third-party issues, with the MOVEit vulnerability especially prevalent in the last six months and affecting numerous global energy companies.
The report also found that 33% of energy companies scored a C or lower in security, indicating a heightened breach risk. Financial ramifications are significant, with the average cost of a data breach in 2023 reported as USD 4.45 million. The breaches can disrupt operations and damage reputations, complicating efforts to protect sensitive information and maintain public trust.
To counter these threats, energy sector firms are adopting vendor risk assessments, continuous monitoring of third-party systems, and safer data transfer and network segmentation practices.