The energy sector experienced a 387% increase in attacks compared to the previous year.

Sectors like energy and utilities face more security breaches compared to other types of failures

In one analysis, energy had 18% of vulnerable assets across cloud, APIs, and web applications.

In one analysis, energy had 18% of vulnerable assets across cloud, APIs, and web applications.

The second-ranked industry for VEC engagement rate was the energy/utilities sector (56%).

Security awareness training has significantly reduced phishing susceptibility in large energy organisations, dropping from 47.8% to 4% in one year.

The energy sector reported three times more operational technology (OT)/industrial control system (ICS) cyber incidents than any other industry in 2023.

Phishing was behind 34% of attacks reported in the energy sector.

The average number of cyberattacks against the energy and utilities sector more than doubled between 2020 and 2022.

Small and medium-sized retailers saw significant declines in phishing susceptibility due to training, dropping from 29.3% to 3.7% for small retailers and from 33.3% to 4.2% for medium-sized retailers

94% of energy firms are pushing to adopt AI-driven cybersecurity due to revenue losses and disruptions caused by ransomware and phishing.

The energy and utilities industry had a third-party breach rate of 46.7%.

67% of credential access techniques used in energy and utilities sector attacks were brute force.

There was an 80% year-over-year increase in ransomware activity in energy and utilities sector.

19% of ransomware attacks against energy and utilities sector were conducted by Hunters International in H2 2024.

84% of attacks against energy and utilities sector originated from phishing.

47% of ransomware attacks against energy and utilities sector were in the United States.

96% of attackers targeting energy and utilities sector relied on remote services to move laterally.