The State of Cyberthreats in the E&U Industry
Globally, the sector hasn’t always taken the threat of cyberattacks as seriously as it should have, says Brian Wrozek, a principal analyst at Forrester. “It’s been a gradual acceptance,” he says. The past five years, however, have seen an increase in high-profile security incidents and government regulation that is difficult to ignore. “That’s increased their awareness and sense of urgency,” he says.
Two other factors have caused industry leaders to take greater notice of cyberthreats.
The first is the digital transformation of critical infrastructure, which is introducing more internet-connected devices inside energy and utility facilities. While these devices provide numerous benefits to companies and consumers, they also offer many more endpoints susceptible to cyberattacks.
The second factor is the growing convergence of IT and operational technology. In the past, OT systems have been fairly resistant to cyberattack, but that’s changing as those systems become more deeply intertwined with IT networks. That makes a successful attack on OT more likely, and the consequences are more significant because it is the OT that runs the critical equipment inside E&U plants.
This is why 49 percent of energy and utility CEOs questioned in a recent PwC survey cite cyberattacks as among their top three concerns. Nonetheless, the fact that 51 percent of executives don’t rank the threat so highly shows that it may still not be taken seriously enough.