September 19, 2016
The digital age is transforming the way in which businesses operate. Thanks to technological advancements over the past decade, economies and industries across the world are operating faster and more efficiently than ever before. But with this improvement comes a major risk: the growth and increasing complexity of cyber-related attacks.
Cyber-attacks in the energy sector have an impact not only on the sector itself but also on the whole economy. As the energy sector seeks to improve its efficiency and reliability, infrastructure operators must be aware that the increased use of hyper connectivity, including Supervisory Control And Data Acquisition (SCADA) and Industrial Control System (ICS), can increase exposure to cyber-attacks across the energy value chain.
The World Energy Council worked with Swiss Re Corporate Solutions and Marsh&McLennan on the Road to Resilience: financing resilient energy infrastructure report which finds that by 2018, the oil and gas sector could be spending $1.87bn each year on cyber security as cyber-attacks become more sophisticated and frequent.
Cyber risk must not be considered purely as an IT risk. Rather it should be addressed as an enterprise-wide concern and as a key operational risk that demands effective risk management and strong management involvement at the highest level.
To get to this point, risk managers need to step up to the plate and work with IT professionals to establish the right security culture. This begins with a risk assessment that looks specifically at a company’s exposure to cyber-related vulnerabilities.
The increasing interconnection and digitisation of the energy sector (including smart grids, smart devices and the growing Internet of Things) along with the sector’s critical role in the functioning of a modern economy, makes the energy sector a highly attractive target for cyber-attacks geared to disrupt operations. The increasing interconnection also makes cyber risk management increasingly complex.