Energy companies see cybersecurity as the biggest risk to their business. Two-thirds of energy professionals expect to invest more in cybersecurity this year to deal with growing threats.
According to new research from DNV Cyber, as many as 78 percent of energy professionals are convinced that their leaders have a sufficient understanding of cyber risks. Moreover, 84 percent know exactly what to do in the event of a potential cyber threat, thanks to extensive employee training.
The energy transition is creating new attack vectors and making cybercriminals increasingly sophisticated. Digital technologies are essential to the energy transition but also increase exposure to cyber risks due to the increased use of sensitive data, reliance on third-party tools, and introduction of connected environments.
Three-quarters of energy professionals report that their organization is paying more attention to cybersecurity because of increasing geopolitical tensions. 72 percent are concerned about potential attacks from abroad, up from 62 percent in 2023. Concerns about cybercriminal gangs increased from 50 percent to 79 percent.
Five key challenges
DNV Cyber’s research identifies five main challenges for energy companies: securing physical infrastructure, complex cybersecurity supply chains, improving employee awareness, integrating new skills, and embracing AI. Operational technology (OT) security, in particular, remains a concern. 71 percent of energy professionals acknowledge that their organizations are more vulnerable to OT cyber incidents than before.
To further strengthen cybersecurity, energy companies must prioritize securing OT and improving supply chain security and transparency. It is also essential to rethink the relationship between cybersecurity and the rest of the business, implement innovative training approaches and build knowledge of AI.