[ad_1]
The world is building a sustainable and inclusive energy future. Renewable energy sources are growing rapidly due to technological innovation and falling costs. At the same time, digitization will make traditional energy infrastructure more efficient. Continuing these trends is critical to achieving global climate goals while promoting prosperity around the world. And as the energy transformation ushers in a new digital energy system, cybersecurity will play a key role in carving out a sustainable and inclusive future.
The energy sector must withstand constant cyberattacks, including state-sponsored attacks. A new attack could propagate at the speed of light and could take days or weeks to unravel its consequences, disrupting markets, jeopardizing the operation of equipment, and threatening the organization of the target. causing cascading effects that extend beyond
All energy sector participants – new or existing, private or public – have an interest in maturing cybersecurity across increasingly interconnected digital energy systems. Investing in improving the cost-effectiveness of cybersecurity to continuously strengthen resilience and reliability is important for everyone, not just large enterprises.
Both old and new energy technologies rely on cybersecurity. Rapid digitization across the energy sector has increased efficiency and reduced emissions, but has also changed and expanded the vulnerabilities that the sector must consider. Attackers are increasingly targeting not only information technology (IT), but also operational technology (OT). Retrofitting to existing his OT infrastructure such as pipelines and conventional power plants means that these are often connected to networks. New technologies such as wind and solar rely on digital management.
Cyber threats are not limited to large corporations and the global North. In recent years, ransomware has had success against smaller infrastructure operators such as the largest US petroleum product pipeline, Brazil’s largest power company, and the Johannesburg Municipal Power Company. We have also seen attacks against subcontractors that have been exploited to infiltrate utility companies connected to the US grid. This is a global challenge for organizations large and small.
Facing a constant onslaught of cyberattacks, the energy sector needs to establish practices and institutions that reduce the cost of deploying strong cybersecurity across the energy value chain. If affordable and effective cybersecurity remains unavailable, start-ups, subcontractors and small utilities will become a consistent and weak link in the energy ecosystem.
So how can the energy sector ensure cybersecurity responds to cyber risks and seizes opportunities to stay ahead of attackers? How can public and private sector leaders help build communities of trust? can you?
Energy sector regulators must enable, or at least not stifle, innovations that enhance cybersecurity. Cyber innovation must address both the new technologies of the energy transformation and the known risks to those technologies. Even if the slow-moving regulatory process has yet to account for new business models, technologies, or threats.
Similarly, regulators should consider ways to facilitate rapid information sharing on threat intelligence. Threat intelligence helps targets quickly fortify against new attacks, but operators are reluctant to share information if they believe it will later lead to legal and financial liability There is a possibility. Tabletop exercises that convene public and private organizations can improve incident response, build relationships, and provide actionable insights before a crisis occurs.
Both public and private sector leaders can work to expand the cybersecurity talent pool. This is one of the main cost barriers to improving cybersecurity. Cybersecurity experts are few, let alone those familiar with the operational technologies that enable the energy transition. Training programs, public or private, help meet demand. Solutions that expand the scope and power of automation also help, as do information sharing that enables security teams to quickly recognize new threats and apply patches efficiently.
For asset managers (public or private), cybersecurity should be part of any new project decision-making. Considering how to secure new infrastructure or planned retrofits can reduce the cost and complexity required to manage risk. Monitoring operations helps operators and cyber analysts understand how systems interact during normal operations, enabling early detection of malicious activity. You can reduce the cost of strong cybersecurity by looking for opportunities to automate routine tasks. Advances in machine learning and artificial intelligence have made it easier to quickly extract useful insights from massive data sets.
Private sector collaboration helps build trust and cyber maturity across the industry. Common standards and certifications help disseminate best practices and build confidence in potential partners and clients that they don’t introduce new vulnerabilities. Threat intelligence may be more comfortable shared among peer organizations than with regulators.
Private sector leaders can assess and improve their organizations’ cyber risk posture. A board that has an accurate understanding of cyber risks can invest appropriately to manage them. Likewise, making it clear that cybersecurity is a cross-cutting capability that is key to the performance of all business units will help build a strong security culture. And of course, recognizing that cybersecurity is an ongoing effort across the sector will help build the energy sector-wide collaboration needed to address the dynamic and interconnected cyberthreat landscape. Helpful.
Finally, a comprehensive energy transformation also requires cyber inclusiveness. As developing countries pursue electrification and access to sustainable energy, even as the Global North continues to build the connective tissue necessary to meet the cyber risks of a digitized energy system. , the global South energy system is built with cyber resilience in mind. Taking advantage of global conferences like the Atlantic Council Global Energy Forum in Abu Dhabi earlier this month to bring cybersecurity to the table along with discussions on increasing access to energy is building community. and is essential for advancing shared security in digital energy systems.
Leo Simonovich is Vice President and Global Head of Industrial Cyber and Digital Security at Siemens Energy.
Reed Blakemore is Deputy Director of the Atlantic Council Global Energy Center..
relevant content
Learn more about the Global Energy Center
of global energy center Energy security by working with governments, industry, civil society and public stakeholders to devise practical solutions to the geopolitical, sustainability and economic challenges of the changing global energy landscape. Promote security.
Image: Data center cables. (Federal Communications Commission, Flickr, CC0 1.0) https://creativecommons.org/publicdomain/zero/1.0/
[ad_2]
Source link