Cyber resilience is a challenge for organizations globally, but particularly for the electricity industry. Power systems are among the most complex and critical of all infrastructures and act as the backbone of economic activity.
Large-scale incidents such as blackouts would have socio-economic ramifications for households, businesses and vital institutions. For example, a six-hour winter blackout in mainland France alone could result in damages totalling over €1.5 billion ($1.7 billion).
In the past, managing this risk has meant dealing with issues such as component failure or inclement weather via robust mitigation and recovery. Today, however, existing resilience plans in electricity delivery must integrate a carefully designed resilience strategy which considers cybersecurity-related risks.
What's the challenge?
The unprecedented pace of technological change driven by the Fourth Industrial Revolution means that our systems of health, transport, communication, production and distribution will demand rapidly increasing energy resources to support global digitalization and advancement of interconnected devices.
Digitalization is driving growth and innovation in the electricity industry and has tremendous potential to deliver shareholder, customer and environmental value. However, new technologies and business models affecting our operating assets present both opportunities and risk.
Our Platforms for Shaping the Future of Cybersecurity and Digital Trust and Shaping the Future of Energy and Materials have pioneered a Systems of Cyber Resilience: Electricity Initiative, which brings together leaders from more than 50 businesses, governments, civil society and academia, each with their own perspective, to collaborate and develop a clear and coherent cybersecurity vision for the electricity industry.
Power systems play a key role in society. Protecting the power supply against threats is a means to safeguard prosperity. Joining forces across companies and borders is an important remedy against fast-evolving cyber threats in the energy sector. It is an honor to co-chair this unique collaboration initiative at the World Economic Forum.
The initiative is currently focused on three pillars:
- Organizational: assessing and improving the cyber maturity of electricity industry organizations, while promoting effective implementation of the board principles for cyber resilience in the ecosystem
- Regulation: improving the effective implementation of cyber resilience frameworks by fostering a dialogue between policy-makers and businesses to change approaches to new regulations
- Supply chain resilience: improving supply chain resilience by establishing common expectations regarding cybersecurity roles and responsibilities between stakeholders
Among its activities, the Systems of Cyber Resilience: Electricity Initiative in 2019 released Cyber Resilience in the Electricity Ecosystem: Principles and Guidance for Boards to help CEOs and board members meet the unique challenges of managing cyber risk in the electricity ecosystem.
Only by joining efforts will we be able to face the cybersecurity challenges of increasing digitization and hyper connectivity. To that end, the World Economic Forum has provided an important platform, bringing together relevant industry experts who contributed to this guide to support boards and senior management in collaboratively approaching cyber resilience in the complex electricity ecosystem.