Energy companies are boosting investment in cybersecurity as they strive to manage the “greatest risk” to the industry today, new research reveals.
Two in three energy professionals (65%) say their leadership views cybersecurity as the greatest current risk to their business, according to the research on the state of cybersecurity in the energy sector.
More than two thirds of energy professionals (71%) expect their company to increase investment in cybersecurity this year, the latest Energy Cyber Priority report from DNV Cyber revealed.
The report found that energy companies are making progress in cybersecurity. This includes greater awareness at leadership level, with 78% of energy professionals confident their leaders sufficiently understand cyber risk.
Successes have been delivered by employee training, as more than eight in 10 (84%) say they know exactly what to do if they are concerned about a potential cyber threat.
Growing attention is being paid to operational technology (OT) cybersecurity – securing the systems that manage, monitor, and automate physical assets – as two thirds (67%) expect greater OT security investment in the year ahead.
Digital technologies are essential to drive and enable the energy transition, but each potentially broadens an energy company’s exposure to cyber risk – whether due to their increased use of sensitive data, greater dependence on third-party tools and components, or the introduction of connected environments through which hackers can infiltrate from system to system, the report warned.
Chief executive officer of energy systems at DNV Ditlev Engel said: “Achieving the energy transition is central to society at large.
“The whole energy sector – companies and governments alike – are working together on this massive challenge, which is increasingly complex because the technologies underpinning the transition are largely digital and scaling rapidly. With this comes cybersecurity risks.
“Cybersecurity should be a priority for all players in the energy sector to achieve the climate goals and guarantee energy security, as geopolitics make the world more hostile and uncertain.”
The energy transition is making cyber risk unavoidable, and this is reshaping attitudes in the energy industry, as half (49%) of energy professionals believe their organisations should accept additional cyber risk as a necessary trade-off for innovation.
Of the 375 energy professionals surveyed globally for the research, three-quarters (75%) report that their organisation has increased focus on cybersecurity because of growing geopolitical tensions over the last year.
Some 72% are concerned about the potential for attacks directed by foreign powers, up from 62% in 2023.
Eight in 10 (79%) are concerned about the threat from cyber-criminal gangs, up from 50% in 2023.
The research also records a rise in concern about malicious insiders, up from 51% in 2023 to 62% this year.