Security Performance in the Utilities Sector: Steps for Progress

For years, it has been widely-known that the Utilities industry has struggled with cyber security in relation to other industries. In 2014, Unisys and the Ponemon Institute found that 70% of Utility companies surveyed around the world had been breached. The vast majority of breaches are often not reported publicly- or even worse, they aren’t discovered at all. However, breaches for Utility companies are a big problem: beyond safeguarding critical infrastructure, these companies often hold a large amount of customer data.

In previous years, breaches of Utility companies have led to the loss or destruction of hundreds of thousands of records. In 2013, Central Hudson Gas & Electric Corporation notified 110,000 of its customers that personal information including bank accounts had been accessed. In addition to data loss, Utility companies are also at risk to have data completely destroyed. A recent survey conducted by TrendMicro and the Organization of American States (OAS) found that 44% of critical infrastructure companies have experienced attempts to delete files. Recent analysis from BitSight has confirmed that Utilities are struggling to secure their networks against potential cyber attacks.

Botnet grades as a key security metric

The most recent Insights report, Beware the Botnets, uncovered that organizations with a BitSight botnet grade of B or lower were more than twice as likely to experience a publicly disclosed breach. Alarmingly, Utilities fared poorly in this category with 52% of these companies receiving a botnet grade of B or lower. While botnets do not necessarily lead to data loss, they signal a loss of protective controls and that some systems or data are at risk.


Greater adoption of continuous monitoring solutions in the Utilities sector could translate to significant improvements in security performance. Due to the severity and complexity of botnets, it is vital that Utilities companies detect infections as early as possible. Additionally, since botnet infections are linked with a higher likelihood of public breaches, they should be viewed as a key indicator of security performance. Despite the unique security challenges Utilities companies face, better detection and remediation of botnet infections and other security events, configuration issues and risky user behaviors would be a big step towards reaching a higher level of security performance.