Authors: Basim Al-Ruwaii, Chief Information Security Officer, Aramco; Leo Simonovich, Vice President and Global Head, Industrial Cyber and Digital Security, Siemens Energy; Filipe Beato, Lead, Centre for Cybersecurity, World Economic Forum
New technologies keep making cybersecurity in the energy sector more important – and more challenging. Ground-breaking technologies produce new efficiencies and reduced emissions as the energy transition and ongoing digitalization revolutionize the sector. Add rapid advancements in artificial intelligence to the mix and the result is a blistering pace of change for an industry where infrastructure investments typically span decades. Both the nature and the pace of change heighten the need to build a strong cybersecurity ecosystem.
Why the energy sector matters
The energy sector operates critical infrastructure. Access to affordable, reliable energy remains a critical enabler for economic prosperity everywhere around the world. Because energy infrastructure is the backbone that nations and businesses worldwide depend on to operate, it is a frequent target for cyberattacks. The energy transition is a priority because of its role in meeting the global commitment to combat climate change. Digitally-native technologies and business models like wind and solar power, smart metering, distributed generation, and peaker plants cannot work without digitized operational technologies (OT). Digital management that maximizes the efficiency of equipment extracting, producing, moving, and using other fuels likewise is indispensable for meeting carbon emissions targets. Existing energy companies are shifting their business models toward renewables while also digitizing existing operational technologies to increase efficiency and reduce emissions.
Attackers increasingly target these OTs, exploiting the new vulnerabilities created by digitalization. Infrastructure defenders need to keep up with innovation in the assets and business models of their parent organization and with the potential misuse of new technologies by attackers. In a 2021 SANS survey, cybersecurity experts identified the energy sector as the most likely to suffer attacks on industrial control systems that impact operational safety and reliability.
Finally, technological innovations expand the possible attack pathways available to malicious actors. This is true whether or not companies adopt the innovations in question. Organizations whose business practices remain unchanged also face rising threats, as attackers adopt new technologies like ransomware and AI-generated phishing attacks. Because some nation-states seek covert opportunities to cripple rival economies, energy infrastructure will remain a high-value target for sophisticated, well-resourced attackers.
What is the World Economic Forum doing on cybersecurity?
The World Economic Forum Centre for Cybersecurity drives global action to address systemic cybersecurity challenges. It is an independent and impartial platform fostering collaboration on cybersecurity in the public and private sectors. Here are some examples of the impact delivered by the centre:
Cybersecurity training: Salesforce, Fortinet, and the Global Cyber Alliance, in collaboration with the Forum, provide free and accessible training to the next generation of cybersecurity experts worldwide.
Cyber resilience: Working with its partners, the Centre is playing a pivotal role in enhancing cyber resilience across multiple industries: Oil and Gas, Electricity, Manufacturing and Aviation.
IoT security: The Council on the Connected World, led by the Forum, has established IoT security requirements for consumer-facing devices, safeguarding them against cyber threats. This initiative calls upon major manufacturers and vendors globally to prioritize better IoT security measures.
Paris Call for Trust and Security in Cyberspace: The Forum is proud to be a signatory of the Paris Call, which aims to ensure global digital peace and security, emphasizing the importance of trust and collaboration in cyberspace.
A recent gathering of the World Economic Forum’s Oil and Gas Sector Cybersecurity Community identified three major challenges relating to the pace of innovation in their sector: adoption of new technologies, regulatory change, and partnering to enable collective defence. This community’s purpose is to convene stakeholders from the oil and gas industry, government and academic institutions to develop tools and frameworks that amplify and accelerate the adoption of proven approaches for cyber resilience. Community discussions help establish and align cybersecurity principles across the oil and gas supply chain, and help the sector benchmark cybersecurity best practices to meet the challenges faced globally.
As companies adopt new technologies – and as attackers innovate – security teams must decide how to achieve their organization’s mission without unduly exposing the organization or its customers to cyber risks. In the same SANS survey mentioned earlier, 59% of cybersecurity teams identified technical integration of legacy OT and modern IT systems as their biggest challenge to securing OT. This is one area where AI solutions can already help. Organizations are deploying AI cybersecurity monitoring to detect signals within noise at previously unfeasible scales, narrowing large volumes of streamed data down to just a few alerts that operators can act on. Recently, a single natural gas power plant saw AI narrow the monitoring burden for operators by eight orders of magnitude, reviewing over 700 million events to draw operator attention to fewer than 10 alerts.
Innovations bring changing – and uncertain – regulatory landscapes. Because regulatory change is typically slower than innovation, energy sector leaders often must choose how to invest in cybersecurity without knowing the form final regulations will take. From the energy sector perspective, there is a clear preference for outcome-oriented regulations that avoid overly prescriptive compliance measures. Clear standards and reporting methods that apply across broader economic areas can help reduce the cost of compliance for large energy organizations.
Energy supply chains are interdependent – disruptions anywhere in the value chain can cause chaos up and down from producer to consumer. Just as critically, attackers sometimes target third-party suppliers as a strategy to move laterally into a larger organization. Building strong cyber defences and resilient energy infrastructure thus calls for maturing cybersecurity across the whole of the energy ecosystem. Equipment manufacturers, cybersecurity organizations, and technology vendors all have roles to play in this ecosystem.
Recognizing that disruptive innovations will continue to drive competition and cyber threats in the energy sector, the World Economic Forum’s Centre for Cybersecurity is convening community participants for a body of work aimed at further exploring how to navigate these challenges. Drawing from the existing Oil and Gas Cybersecurity Community and the Electricity Cybersecurity Community, the new group will meet in September for a member-driven