The energy sector is at a crossroads. An industry under intense price pressures and further strained by the coronavirus pandemic has energy companies looking to reinvent themselves. Boom and bust cycles are not new to the industry, and down cycles force companies to sharpen their competitive edges. In these stressful but potentially exhilarating times, even industry giants have to fight to retain their market share, cut costs, or chart a course back to profitability. The winners will be those who envision more competitive business models based on new technologies.
Digitally connected oil and gas assets, smart grids, renewables, and intelligent infrastructure promise safer, more efficient, and lower-emissions operations, but truly re-imagining the energy sector and fully realizing that promise requires strong cybersecurity. Whether built new, acquired, or retrofitted, future energy assets will rely heavily on digital management and remote access. Some models go even further. Electricity sector companies can harness operational technology (OT) assets with information technology (IT) intelligence to turn individual consumers into “prosumers,” if they can manage prosumer inputs without suffering a new flood of attacks.
These impending revolutions make cybersecurity an urgent challenge; in the next two years, 2.5 billion industrial devices will be brought online in the energy industry. Meanwhile, simple exploits available on the dark web for $16.99 can cause extraordinary damage to daily operations worth millions of dollars. Isolated assets are not safe. We know attackers can jump air gaps and move laterally within a network, innovations that have existed for a decade. With attackers increasingly moving from financial exploits toward OT attacks causing physical damage, firms risk not only business stability but also the the safety of essential workers.
Lacking the technical tools to provide strong security, the energy sector has long accepted some cyber vulnerabilities as known but unavoidable risks. Many of the OT endpoint assets that run the energy backbone, like power plants, refineries, electric substations, and fuel pumping stations, still use operating systems from the last decade, and worse, some have never been updated with new security protocols after their initial installation. New digitally native endpoint technologies designed to integrate with IT systems are typically quicker and easier to update, but their continuous connectivity also brings continuous exposure to attacks. Technical complexity and economic practicalities have forced many companies to tolerate these risks, especially for edge assets. Sites hundreds of miles from central operations—and each other—are expensive to visit, and not always digitally connected. Operating in remote, rugged environments, isolated assets cannot receive security patches hourly, daily, or even weekly. That maintenance lag means that even companies with relatively mature cybersecurity practices leave core infrastructure exposed for weeks and months at a time. Fear of growing exposure to outages or supply chain disruptions has made some companies reluctant to invest in digital infrastructure and new business models.
New cybersecuirty advancements change the cost-benefit proposition for energy sector sites and equipment previously deemed too technically difficult or costly to secure. Machine learning tools trained to recognize normal operations can intervene when anomalies occur at isolated facilities. Artificial intelligence (AI) solutions are presently the only way to get ahead of an evolving threat situation. Unlike conventional defenses, AI is forward-looking and can predict the outcome of commands and remain effective even against entirely novel threats. That strength will be critical to defending systems that go long periods between security updates. Because the AI solution is finely tuned to monitor relationships between variables and to continuously compare against normal workflows, it also offers useful insights beyond cybersecurity, for example, detecting early signals that a component will fail within the next few weeks.
The energy sector must include cybersecurity as the cornerstone of its new foundation. Board members need to build cybersecurity into any forward plans that rely on digitized infrastructure. Leveraging AI and machine learning tools will bring previously unthinkable business models into the realm of acceptable risks. In a re-imagined energy industry, there will be no room for weak links in the physical systems that move fuel and electricity. Bold leadership in the energy industry will find the tools needed to make new business models viable, and get ahead of threats to critical infrastructure. It is certain that the companies that embrace cybersecurity as core to their business models today will unlock the full potential offered by the digital revolution of tomorrow.
Leo Simonovich is Global Head of Industrial Cyber and Digital Security for Siemens Energy and Sridhar Sudarsan is Chief Technology Officer at SparkCognition.
Learn more about the Global Energy Center
The Global Energy Center develops and promotes pragmatic and nonpartisan policy solutions designed to advance global energy security, enhance economic opportunity, and accelerate pathways to net-zero emissions.