U.S. Oil and Gas Sector at Risk of a Cyber Breach According to BreachBits Study | Nation/World

/in


ANNAPOLIS, Md.–(BUSINESS WIRE)–Aug 9, 2022–

The majority of companies across the U.S. oil and gas industry are at risk of a successful cyber breach according to BreachBits, a cyber risk rating and monitoring company that evaluates and tests organizations from a hacker’s perspective to empower them to anticipate attacks. Following an analysis of 98 representative upstream, midstream, downstream and supply chain companies across the energy sector, BreachBits has released their findings in BreachRisk: Energy 2022, a cyber state of the industry study.

This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20220809005196/en/

Chart of BreachRisk for U.S. energy companies as examined by BreachBits. (Graphic: Business Wire)

“On average, the oil and gas companies we observed were at Medium Risk, with a score of 4.1 out of ten on our BreachRisk ™ scale, but that risk was not distributed evenly across the sector,” said BreachBits CEO and Co-Founder John Lundgren. “Additionally, 11% of the companies presented potentially serious, High Risk threats. We identify and monitor cyber risks at scale as we did here, detect issues and then test them just as a hacker would for our customers.”

The study by BreachBits ranked 59% of companies at Medium Risk for a cyber breach, 13% at Low Risk and 28% at Very Low Risk. Other key observations included:

  • 94% of all ransomware threats were held by only 51% of companies.
  • BreachRisk increases for companies with greater than $50-million in annual recurring revenue.
  • BreachRisk significantly increases for companies with more than 250 employees.

BreachBits, founded by U.S. military cyber warfare veterans, measures an organization’s BreachRisk as the likelihood of a successful breach against the potential impact to the subject.

“We measure cyber risk based on actual threats and viable attack vectors, not hypothetical ones, and we do that from the hacker’s perspective. That means the risks we identified in this study are the same observations being made by active cyber attackers,” said…

Source…