Utility firms need ‘closer scrutiny’ to detect cyber breaches

“Closer scrutiny” is needed of UK utility companies, as only two cyber security breaches were reported to the Information Commissioner’s Office (ICO) over the course of a year.

Cyber security firm Huntsman Security said the figures demand investigation, as overall the number of incidents reported to the ICO has doubled to 2,048 incidents between April 2015 and March 2016 from 1,089 in a similar period the year before.

Huntsman Security obtained the figures through a freedom of information request and said the lack of reports could indicate that organisations are under “such an intense barrage of cyber activity” that only some are being detected, leading to understated figures.

The firm’s chief executive Peter Woollacott said: “Quite simply, no news is bad news: if breaches aren’t being detected, it most likely just means that security analysts are having difficulty finding the needles in the haystack.

“To help them see through the noise generated by security alerts, organisations must find a way to automate threat verification and eliminate the wasted effort that result from false alarms.”

Data disclosure accounted for more than half of security breaches at 1,369 incidents.

The health sector reported the highest number of security breaches, 941, followed by local government with 202.