A new World Energy Council report has detailed the need to address cyber risks in the energy sector. The report highlights that energy companies have seen a massive increase in the number of successful cyber-attacks over the past year.
The report ‘The road to resilience: managing and financing cyber risks’, published by the Council in collaboration with Swiss Re Corporate Solutions and Marsh & McLennan Companies, will be launched at the Energy Day in Berlin, Germany, on 29 September. The report investigates how cyber risks can be managed taking into account the changing nature of the energy industry and energy infrastructure.
Christoph Frei, Secretary General, World Energy Council, said: “Cyber threats are among top issues keeping energy leaders awake at night in Europe and North America. Over the past three years, we have seen a rapid change from zero awareness to headline presence. As a result, more than 30 countries have put in place ambitious cyber plans and strategies, considering cyber threats as a persistent risk to their economy. What makes cyber threats so dangerous is that they can go unnoticed until the real damage is clear, from stolen data over power outages to destruction of physical assets and great financial loss. Over the coming years we expect cyber risks to increase further and change the way we think about integrated infrastructure and supply chain management.”
The report is being discussed in Berlin as part of the build up to the 23rd World Energy Congress which will be held between 10 - 13 October in Istanbul and the session, ‘Cyber threat: are we at risk of the lights going out’, will be led by Michael Bell, President and CEO of Silver Spring Networks; Steve Holliday, former CEO National Grid; Andrew George, Chairman of Energy Practice, Marsh and Juerg Trueb, Managing Director at Swiss Re.
The report explains the rapid growth of cyber risks highlighting past attacks and potential cyber incident scenarios plus insurance claims implications. Effectively addressing cyber risk demands much higher public awareness, in governments and utilities.
Jeroen van der Veer, Executive Chair, Financing Resilient Energy Infrastructure study, and former CEO of Royal Dutch Shell, said: “The energy sector must take a systemic approach and assess cyber risks across the entire energy supply chain, improve the protection of energy systems and limit any possible domino effects that might be caused by a failure in one element of the value chain. Nevertheless, measures that require supply chain compliance or cross-border cooperation are more difficult to implement, and require increased cross-sector cooperation.”
Recommendations of the report include:
- Industry: Energy utilities must view cyber as core business risk, increase awareness and build strong technical and human cyber resilience strategies.
- Technology companies can play an innovative role. They must monitor the nature of cyber-attacks and embed security features into the products they are developing and delivering.
- Governments: Policymakers must stimulate the introduction of standards, regulation and support information sharing, and in doing so support strong responses from companies to cyber risks.
- Insurance and finance: The insurance sector must monitor cyber risks and focus on managing newly arising and changing risks.
Energy companies must get used to the fact that cyber now poses the same kind of risk to large infrastructures as a flood or a fire. ‘The road to resilience: managing cyber risks’ is the third in a series of reports that addresses the need for more investment and system change to increase resilience towards emerging risks, besides cyber threats, also including extreme weather and the energy-water-food nexus.
Read the article online at: https://www.oilfieldtechnology.com/digital-oilfield/30092016/energy-sector-target-for-cyber-attacks/