On October 4, 2021, the Atlantic Council Global Energy Center hosted Leo Simonovich, Vice President and Global Head of Industrial Cyber and Digital Security at Siemens Energy, who discussed why new artificial intelligence-based monitoring and detection technologies must serve as the foundation for securing the energy transition and our digitally driven industrial economy from the persistent threat of cyberattacks. The event was part of the Global Energy Center’s EnergySource Innovation Steam, a series that highlights new energy technologies with the potential to reshape the global energy system through discussions with companies and individuals working diligently to bring those innovations to market at scale.

Simonovich began by discussing how the digital revolution is reshaping the energy security landscape and highlighted the importance of developing tools to manage it. As companies adopt new, innovative business models that digitally connect physical assets with operational technology (OT) and information technology (IT), the industrial Internet of Things (IoT) offers unlimited possibilities to improve efficiency, enhance safety, and optimize operations, all while accelerating the energy transition.

The digital revolution is expected to result in an additional 2.5 billion industrial devices in the next two years, and each node presents a possible entry point where malicious actors could enter or manipulate energy infrastructure. Simonovich stated that most companies lack the in-house capabilities to monitor and detect potential cyberthreats across an operating environment of physical and digital assets equally. In this context, most Security Operations Centers (SOCs) are engineered to identify cyberattacks on IT systems rather than OT assets, meaning that many of these technologies do not match the complex threats now facing IoT. “To truly stop cyberthreats on critical infrastructure, you need to understand cybersecurity for physical assets first,” Simonovich affirmed.

To bridge the gap in understanding and approach between physical and digital threats, Siemens Energy built Eos.ii, the first AI-based monitoring and detection platform to serve as the foundation for an IoT fusion SOC for energy and critical infrastructure. Eos.ii brings together OT and IT visibility and context through a proprietary method to translate OT and IT data into a common language, which would reveal anomalous behaviors and patterns that match known cyberattacks.

During the Q&A session, Simonovich addressed questions around the impetus behind Eos.ii; Siemens Energy has been tackling cyberthreats for a decade and released a previous offering called Managed Detection Response, which was developed to become a standalone product for Chief Information Security Officers. Because customers are fundamentally changing business models in the push toward decarbonization and digitization, install bases evolve over time, and Eos.ii therefore must be evergreen in order to keep up with these changes. Likewise, due to the pandemic-driven transition to remote work, there is now an extended attack surface along the edge that has generated increased urgency for cybersecurity, considering attacks that start small can take over a whole system. Simonovich noted that just 18 percent of companies are conducting monitoring with advanced cybersecurity tools.

According to Simonovich, the biggest hesitancy for firms in their adoption of artificial intelligence is the short shelf life of digital tech and the quick rate of change. In responding to a question about specific policy approaches to incentivize adoption, Simonovich remarked that it is important to avoid approaching any investment in technology as a “check-the-box” kind of exercise, and firms and agencies should adopt new technology with the purpose of keeping up with changing threats. At the investment level, Simonovich emphasized that investors and bankers should absolutely be thinking through cyber risks, especially given that many asset owners are new, unlike large utilities that have been under a regulatory framework. According to Simonovich, “the message to the investment community is that cybersecurity is the great showstopper,” and they need a broader ecosystem approach.

Jordan Bekenstein is a Fall 2021 Young Global Professional at the Atlantic Council Global Energy Center.


Leo Simonovich is the Vice President and Global Head, Industrial Cyber and Digital Security at Siemens Energy. He is responsible for setting the strategic direction for Siemens’ industrial cyber security business worldwide. He identifies emerging market trends, works with customers and Siemens businesses to provide best-in-class cyber offers, and contributes to the company’s thought leadership on the topic. He is particularly focused on solving the cyber security challenge in the O&G and power sectors by bringing unique solutions to customers looking to address a growing and costly operational security risk.

He frequently speaks on such topics as cyber governance, risk management, and organizational transformation in operational environments. Previously, Leo led the cyber risk analytics practice area at the management consulting firm, Booz Allen Hamilton. He refined his expertise through his work with large government and commercial customers to improve their cyber risk posture. While at Booz Allen, Leo created an industry recognized methodology to evaluate the financial benefits of investment in cyber security. Leo holds both a Masters in Global Finance and a MBA from the University of Denver.

Learn more about the Global Energy Center