You are Home   »   News   »   View Article

65% energy professionals say “cybersecurity greatest threat to business” – DNV

Wednesday, January 22, 2025

Energy companies boosting investment in cybersecurity arms race, to manage the 'greatest risk' to the industry today - new research reveals

Oslo, 22 January, 2025 - Energy companies are taking cyber threats seriously at the highest levels, as two in three energy professionals (65%) say their leadership views cybersecurity as the greatest current risk to their business, according to new research on the state of cybersecurity in the energy sector. More than two thirds of energy professionals (71%) expect their company to increase investment in cybersecurity this year.



According to the latest Energy Cyber Priority report from DNV Cyber, energy companies are making progress in cybersecurity. This includes greater awareness at leadership level, with 78% of energy professionals confident their leaders sufficiently understand cyber risk. Successes have been delivered by employee training, as more than eight in 10 (84%) say they know exactly what to do if they are concerned about a potential cyber threat. Growing attention is being paid to operational technology (OT) cybersecurity - securing the systems that manage, monitor, and automate physical assets - as two thirds (67%) expect greater OT security investment in the year ahead. Challenges remain, however, as the energy transition creates new attack surfaces and as threat actors become more sophisticated.

Digital technologies are essential to drive and enable the energy transition, but each potentially broadens an energy company's exposure to cyber risk - whether due to their increased use of sensitive data, greater dependence on third-party tools and components, or the introduction of connected environments through which hackers can infiltrate from system to system.

'Achieving the energy transition is central to society at large. The whole energy sector - companies and governments alike - are working together on this massive challenge, which is increasingly complex because the technologies underpinning the transition are largely digital and scaling rapidly. With this comes cybersecurity risks,' says Ditlev Engel, CEO, Energy Systems at DNV. 'Cybersecurity should be a priority for all players in the energy sector to achieve the climate goals and guarantee energy security, as geopolitics make the world more hostile and uncertain.'

The energy transition is making cyber risk unavoidable, and this is reshaping attitudes in the energy industry, as half (49%) of energy professionals believe their organizations should accept additional cyber risk as a necessary trade-off for innovation.

Of the 375 energy professionals surveyed globally for the research, three-quarters (75%) report that their organization has increased focus on cybersecurity because of growing geopolitical tensions over the last year. Some 72% are concerned about the potential for attacks directed by foreign powers, up from 62% in 2023. Eight in 10 (79%) are concerned about the threat from cyber-criminal gangs, up from 50% in 2023. The research records a rise in concern about malicious insiders, up from 51% in 2023 to 62% this year.

'Even as the energy industry becomes more mature in its cybersecurity posture, it must continue to strengthen and adapt to remain resilient against a growing number of increasingly sophisticated threats. From attacks on supply chains, recruitment of malicious insiders, and the use of AI, adversaries are upping their game and the energy industry needs to keep up,' says Auke Huistra, Director of Industrial and OT Cybersecurity at DNV Cyber.


CREATE A FREE MEMBERSHIP

To attend our free events, receive our newsletter, and receive the free colour Digital Energy Journal.

DIGITAL ENERGY JOURNAL

Latest Edition Aug-Sept 2024
Sep 2024

Download latest and back issues

COMPANIES SUPPORTING ONE OR MORE DIGITAL ENERGY JOURNAL EVENTS INCLUDE

Learn more about supporting Digital Energy Journal