The shockingly high cost of protecting against cyber attacks has been revealed, with the energy industry forking out around £265mn annually to combat the growing threat of data breaches and system outages.

Opportunistic multi-national consultancies are being blamed for inflating the price of security testing in the UK, with energy companies being charged inflated prices to conduct tests on their critical assets.

Consultancies taking advantage

Today’s findings put the spotlight firmly on the security testing market, which is dominated by consultancies who provide services to businesses, sometimes at twice the daily rate of an independent tester—often referred to as ethical hackers. With 74% of UK businesses claiming the cost of testing is too expensive, there is a clear demand for change.

Nine in 10 energy companies currently outsource the security testing on their critical assets. The need to use consultancies being driven by a skills shortage, with 86% of businesses revealing that they don’t fully possess the in-house, employee skills and knowledge to carry out security testing.

A surge in cyber crime

Worryingly, 30% of energy companies have battled an online security breach in the past 12 months, which have directly hit their bottom lines through a loss of customers and damaged brand reputation.

Over the past five years, the majority of companies have seen a major increase in the number of data breaches: one in five reported an increase of between 11% and 20%, while more than a half reported up to 10% more data breaches. Of those hit by a cyberattack, 100% reported that the breach occurred partly as a result of issues with the security testing process.

The true cost of cyber attacks

As new emerging technologies are deployed, and applications increasingly underpin core business processes, firms across the UK claimed that cyber criminals are creating new ways to exploit vulnerabilities, which is putting increased stresses on them at an already challenging time.

The impact of breaches in the past 12 months has been wide spread, with 93% reporting a loss of customers. Two thirds of those surveyed were hit by fines from regulators, while four in five suffered from reputational damage.

A new era in security testing

AVORD, which recently launched, promises to slash the price of security testing, with its free online platform bringing 1000s of highly qualified security testers together with UK businesses. The brainchild of two career security professionals, who have seen the market monopolised by major consultancies, it will enable companies to reduce their costs by 30-40%.

The unique online security testing platform cuts out the expensive middle men, ensuring that energy companies of all sizes can protect their businesses against future threats. Free to use, AVORD provides automated scheduling and tracking of security tests, delivering an instant view of all tests across an estate through a fully interactive risk and reporting dashboard.

Brian Harrison, founder and CEO of AVORD, said: “Quite simply, security testing has become too expensive for many UK businesses.  Companies are struggling to cope with the ever-increasing threats impacting on their attempts to secure systems at current costs. Unless something changes, businesses will be forced to cut corners, and this will inevitably mean there are more data breaches and system outages.

“AVORD has been designed to disrupt the current security testing model by cutting out the costly ‘middle-man’ consultancies and allows businesses to directly manage and engage security testers. This means that whereas industry currently pays up to £1,100 per day for cybersecurity testing, that cost will be reduced to approximately £600, collectively saving UK businesses around £3bn annually.”