We protect what’s mission critical – Cybersecurity for the energy world

What comes to mind when you think of cybersecurity? Hacker attacks on financial institutions or politicians? Trojans, spyware, and data leakage? It's about much more. It's also about protecting valuable assets, intellectual property and securing the operation of critical infrastructure. Even more: There can be no digital transformation without cybersecurity.

The energy industry as a target

Earlier this year, a ransomware attack took down Colonial Pipeline in the United States. The pipeline transports nearly half of all fuel consumed on the country’s east coast. Since it wasn’t immediately clear whether the attack had damaged the facilities, the operator shut down the pipeline for several days. Panic among consumers and rising fuel prices were the result.

There are many such examples – and their number is on the rise. Every 11 seconds on average, a company is attacked by cybercriminals. The resulting damage is expected to reach around $20 billion by the end of this year.

In the energy industry, which keeps power plants and electricity grids up and running, the consequences of cyberattacks are particularly disruptive and painful. At worst, they can shut down an entire nation’s energy infrastructure and cut off power completely. These risks are increasing with the growing demand for energy and electrification of everyday life – just think of e-mobility. Risks are also being fueled by the rising digitalization and connectivity of the energy industry, making it all the more imperative to improve the sector’s cyber resilience.?

Protection, detection, and monitoring solutions – our answer to cyber threats

A reliable energy supply is the backbone of the global economy. It is therefore not surprising that the energy sector has become a prime target for cyberattacks. Cybersecurity is becoming an Achilles' heel. At Siemens Energy, we help our customers manage increasing cyberthreats with our protection, detection, and monitoring solutions. However, securing critical infrastructure is only one thing. In addition, we need to protect our own operations, information assets, data, contracts, and intellectual property. Our experience has shown that it is crucial to consistently follow three main principles:

First: It’s about people – get everyone involved

Studies reveal that over 90 percent of data and security breaches are the result of human error. Consequently, cybercriminals often target individuals as the weakest link in a given system or organization. #CyberSecMonth is an annual international campaign in October dedicated to promoting cybersecurity among individuals and organizations. This is a great opportunity for raising awareness and sharing good practices. We at Siemens Energy offer a broad range of internal activities for our colleagues, such as live events, podcasts, and weekly infotainment material.

Second: It’s about a holistic view – make it an integral part

Cybersecurity must always be approached holistically to ensure the security of complete value chains and lifecycles. This approach encompasses information security (IT), operational technology security (OT), and the security of products and solutions based on international security standards. If cybersecurity is considered from the very beginning, it becomes a solution of itself. This not only accounts for new products. It is equally important to add cyber services to existing products, solutions, and services.

Third: It’s about trust – foster broad collaboration

Cyberattacks are global, therefore the cyber ecosystem must also be global. Only if we have a common understanding of cybersecurity challenges and solutions, can we ensure a successful defense. That's why we’re strengthening our external networks and sharing knowledge. The fight against cyberattacks must include an active dialog with customers, government organizations, NGO’s, universities, and certification bodies. This is essential for sharing information between the private and public sectors on causes, incidents, and threats, and for pooling experience, knowledge, and analyses. In the end, it is all about trust.

Those who take these points to heart will contribute actively to cyber resilience in the energy industry. Even more: There can be no digital transformation without cybersecurity. And we are doing everything to make it happen.

Interested in further details about #Cybersecurity? Find out more at: https://bit.ly/3lWSU0C ?