BitSight Insights: Are Energy and Utilities At Risk of a Major Breach?

Noah Simon | September 22, 2015

Today BitSight published our third annual industry benchmarking report: Are Energy and Utilities At Risk of a Major Breach? This report illustrates the latest security performance of the Finance, Federal Government, Retail, Energy and Utilities, Healthcare, and Education industries. All of these industries hold sensitive data- and as a result they are targets for hackers. Like we do for all of our BitSight Insights, let’s dive into how each sector performed.


Energy and Utilities 

The Energy and Utilities industry remained relatively unchanged from last year's mean rating. As of August 2015, the average rating for this industry was 652. As more devices are becoming networked in this industry, security challenges will only grow in the future (more on this in an upcoming blog).

Federal Government

This year’s benchmarking report is the first to include the Federal Government. Cybersecurity in this space has been in the spotlight, especially given the OPM breach in July in which 21.5 million records were stolen. We’ve highlighted how the government faces great challenges in mitigating third party risk. Despite these challenges, this sector was the second highest out of all the industries observed in this study with an average BitSight Security Rating of 688.

Download the latest BitSight Insight Report


2014 was dubbed by many as “the year of the retailer breach”. So how did the industry fare this year? The mean BitSight Security Rating for Retail was 684- an improvement from last year’s 674 mean rating. A recent BDO survey showed that 56% of retailers are investing more in cybersecurity.


This year’s mean BitSight Security Rating for Education was 554. It is also the second year in a row that the industry rating dropped during school months. Stephen Boyer, CTO and Cofounder has recently said that the industry’s main challenges are tight budgets, a lack of control, and an extensive bring-your-own-device (BYOD) climate.


The mean rating for this industry was 634. Many of the biggest data breaches this year occurred in this sector: Anthem Insurance (37.5 million records stolen), Premera (11 million records stolen), and UCLA Health System (4.5 million records lost).


Like all of the industry benchmarking reports we have published so far, Finance remains the top performer. The industry’s mean rating was 716- in line with its rating of 712 last year. Financial firms have made significant investments in cybersecurity: a recent PwC survey showed the industry plans to spend $2 billion in security over the next two years. Companies like Bank of America also recognize the importance of analyzing security metrics to improve the detection and mitigation of cyber attacks.

Interested in the full analysis for these industries?

Download the third annual industry benchmark report to learn how vulnerable each industry is to common SSL bugs, as well as the unique security challenges each industry faces.

Download the latest BitSight Insight Report "Beware the Botnets"  

Suggested Posts

How DataOps is Transforming How Business Handles Data

You are building a mission-critical big data infrastructure. You have a team of talented software engineers who are dragged into internal meetings with various stakeholders and customers as data and product Subject Matter Experts. You have...


BitSight Security Ratings Platform Expands Its Visibility in Compromised Systems

Since creating the Security Ratings market in 2011, a core component of BitSight’s value to users has been providing industry-leading comprehensive visibility into malware communications.


Advanced Security Benchmarking with BitSight Peer Analytics

On March 4th, BitSight released  Peer Analytics, the newest advanced analytics module from the leader in security ratings. This allows organizations to better understand and manage their security performance in relation to their industry...

Subscribe to get security news and updates in your inbox.