The threat of substantial fines for data breaches means that all companies should be reviewing their IT and database security – including their energy management software, writes Optima Energy Business Development Director Steve Kemp.
The record £183 million fine imposed on British Airways by the UK Information Commissioner’s Office after a data breach that resulted in the theft of half-a-million customers’ personal details is a stark reminder to everyone with responsibility for the integrity of corporate computer systems, networks and databases to ensure the security of their frameworks.
Although some businesses have made more progress than others, the security of energy management software is often overlooked. And too many businesses are at risk. The value of energy-related data is considerable: think of the energy broker who would be very keen to obtain a detailed picture of a company’s energy usage, or a renewable energy provider who could construct a targeted marketing effort around this information. Both represent potential lucrative markets for organised hacking gangs.
We’re sure BA thought they had all angles covered with regards their security. But they hadn’t banked on somebody simply diverting traffic from their website to a scam website. Hackers are creative and always trying to find innovative ways to infiltrate systems.
Having tracked the deployment of energy-related software and the implementation of measures such as GDPR very closely, it’s clear that a sizeable percentage of UK companies are currently vulnerable to cyber-crime and ensuing regulatory action. But by investing in robust energy management software it is possible to permanently resolve one of the major areas of risk.
Energy has always been a cornerstone of our activities at Optima Energy. For a start, we are compliant with several ongoing security initiatives, including full accreditation for the Information Security Management Standard ISO 27001:2013 and Cyber Essentials Plus, which is a Government-backed scheme to help organisations protect themselves against common online threats.
We also undertake frequent stress-testing of our software by ethical hackers. Earlier this summer we hired one of the most well-known software security researchers in the UK and asked them to spend two days attempting to crack our system, having been given all the latest tools. They were unable to do so. We also regularly allocate time for our own software engineers to attempt to hack our system because we are aware that the nature of cyber threats is developing all the time.
Optima Energy also employs a full-time security manager whose sole responsibility is to ensure that our software remains as robust and impenetrable as possible. We know from having spoken to some of our long-term customers that having a member of staff dedicated to cyber security provides another layer of reassurance. Beyond that, we continue to review our overall security strategy to see if there is anything else we can be doing to protect customers from emerging threats.
In the wake of the BA fine and the expectation that further substantial penalties will follow, it is very likely that there will be a spike in the number of enquiries about secure energy management software. In this context there is clearly a role for specialists like Optima to guide people through the entire process – from ensuring that the software they are buying meets their current and probable future requirements, to undertaking regular updates and health checks once the system has been installed.
The number of online threats is growing all the time, but by investing in secure energy management software businesses can enjoy peace of mind in at least one major area of operations.