Despite growing awareness, companies are still not investing enough to safeguard their operational technology and infrastructure from potential vulnerabilities, a report by DNV reveals.
According to the survey conducted by the company, which involved 600 energy professionals, 59% acknowledged that their organizations are allocating more funds to cybersecurity compared to the previous year. This indicates a growing recognition of the importance of protecting critical systems. However, 42% of respondents admitted that their organizations' current investments in cybersecurity are insufficient to mitigate potential risks to critical systems.
The survey also highlighted the impact of geopolitical volatility on cybersecurity awareness, with 78% of respondents identifying it as a factor that increased their understanding of potential vulnerabilities in operational technology. Furthermore, two-thirds of the energy professionals surveyed expressed concerns that their organization's infrastructure is now more vulnerable to cyberthreats than ever before.
Wind power infrastructure emerged as one of the sectors most vulnerable to cyberattacks. This vulnerability is attributed, in part, to the reliance on remote operations and the numerous interfaces used. Legacy systems within the sector also pose a significant risk, as interfaces can be particularly vulnerable if interconnections are not adequately secured, said Jalal Bouhdada, Founder, Applied Risk, to Recharge.
Experts acknowledge the rising trend of cyberattacks across industries and emphasize the need for a holistic approach to cybersecurity. As the IT landscape becomes increasingly complex, organizations must extend security controls and visibility across various interconnected components to create secure environments that prioritize data protection. “Prioritizing a strategy that addresses risks originating from within the infrastructure of the platforms can greatly help organizations stay ahead of the highly-evolving cyberthreats,” said Alejandro Martínez, Sales Engineer Senior, Akamai, to MBN.
In response to the growing threat, energy businesses are taking steps to upgrade and connect their legacy technology and infrastructure. These efforts aim to improve safety, increase operational efficiency and support the decarbonization agenda through increased electrification and the integration of renewable generation.
With cyberthreats evolving and increasing in sophistication, prioritizing robust cybersecurity measures is crucial to ensure the stability, reliability and resilience of the energy industry. To this end, taking a holistic approach to risk identification is crucial. “A business model should include risk-mitigation from within the system architecture to promptly identify risks and respond appropriately to an attack,” says Omar Alcalá, Cybersecurity Manager for SE - LATAM, Tenable.