Amanda Russo, Public Engagement Lead, World Economic Forum: Tel.:+1 415 734 0589; Email: email@example.com
- A smart tech spending boom in the utility and energy industry has introduced new risks with high costs
- Industry experts point to three main ways to mitigate the risk: balancing innovation and cyber resiliency, developing proactive safeguards and creating a culture of organizational awareness to mitigate cyber risk
- An attack on the connected US grid could cost $1 trillion, or eight times as much as the Fukushima nuclear disaster clean up
- For more information, please visit: https://wef.ch/rssm
San Francisco, USA, 29 April 2019 – The mass deployment of smart technologies is transforming the traditional electricity grid system into a smart grid. But, this spending boom has outpaced the adoption of industry-wide safety and security best practices – leaving the sector vulnerable to cyberattacks and significant financial losses.
The Smart Grid Risk Snapshot, released today by the World Economic Forum, shows what is at stake, highlighting how much attacks on a smart grid would cost and outlining risk-mitigation strategies.
The utility and energy sector ranks the second highest in terms of predicted losses per company from a cyberattack, with an estimated $17.2 million per company per year. The financial services industry takes the top spot with an estimated $18.2 million in losses per company per year from cybercrime. The cost of a cyberattack on the smart power grid in the United States, for example, could be $1 trillion – roughly eight times the cost of the Fukushima nuclear disaster clean-up. A six-hour winter blackout in France could result in over $1.7 billion in damages.
“Fast-paced investment in IoT has brought the industry to an inflection point,” said Karime Kuri Tiscareno, project lead, Internet of Things, World Economic Forum.” “IoT is changing the way electricity systems operate and introducing clear benefits to consumers and companies. But, at the same time, it is opening new areas of risk. If decision-makers and industry players accelerate its implementation without proper safeguards, we will see large financial losses impacting the whole of society.”
Worldwide spending on IoT is forecast to reach $1.2 trillion in 2020. To put that into context, spending on IoT will be more than double the spend on digital advertising ($500 billion) and more than half the total spend on defence ($2 trillion). Utilities rank fourth among the industries forecast to spend the most and the demand shows no sign of slowing down as smart grid benefits become hard to ignore.
To help companies plan for and prevent these risks, the Smart Grid Risk Snapshot outlines the top three ways businesses can mitigate risk.
- Balance priorities. Priorities need to balance innovation, adaptability, agility and efficiency with safety, investment, resiliency and security. A lopsided approach will result in increased risk. These eight priorities have been highlighted by industry experts who contributed to the research.
- Implement proactive safeguards and internal risk management: Proactive safeguards and internal risk management for IoT technology, including top-level accountability and information sharing, is necessary as companies develop increasing dependences on data-driven automated systems.
- Create an organizational culture of awareness. Insurance data shows two-thirds of cyber insurance claim incidents are the direct result of employee behaviour, for example, negligence leading to lost devices. Talent shortages, skill deficits and employee engagement also contribute to the bulk of financial losses so far from cybercrime. All-level employee education of cyber risk, not just building firewalls, will prevent most of the strain currently on the industry, according to the report.
With approximately one-third of all energy consumption growth by 2040 coming from buildings, the bulk of this energy consumption will come specifically from electricity. The Smart Grid Risk Snapshot spotlights how IoT deployment in the electricity sector can reduce emissions. In Australia, a full smart tech implementation could reduce emissions by 25%. The Edge building in Amsterdam, for example, uses smart grid technology to create adaptable and intelligent work spaces. Over a period of 10 years, the building will save 42 million kg of CO2, the equivalent of taking approximately 8,200 cars off the road for one year.
“A massive adoption of internet enabled devices is an inevitable change to our society and is key to the digitalized, green energy transition,” said Thomas Egebo, President & CEO of Energinet. “The reality of smart grids is that we are adopting a systems approach based on the many as opposed to a few. For example, many distributed assets versus a few powerplants, many micro transactions versus a few aggregated transactions. Digital authentication and access delegation must be adapted to this new reality. The cyber security threat is very real. The good news is that the technology already exists, all we have to do is implement it at scale”
“The Fourth Industrial Revolution will generate a global digitalization of all industries. It will rely on IoT deployed everywhere, the petabytes of data from it and artificial intelligence to improve operational efficiency and the quality of life of citizens," said Georges de Moura, Head of Industry Solutions at the World Economic Forum Centre for Cybersecurity "Cyber resilience and privacy challenges remain underestimated for many organizations. Private and public sector leaders will have to address them both the digital and physical worlds to mitigate potential harms and the disruption of critical services.”
“Safe and responsible IoT deployment across the electricity grid can lead to a reduction in greenhouse gases, efficient resource management and consumer cost savings,” Kuri said. “But, the industry needs to collectively address the risks to ensure that innovation can scale and accelerate the benefits for all of society.”
About the Market Incentives for Secure Industrial IoT Project
Market forces could play a critical role in helping establish and catalyse new norms and best practices for the security of industrial IoT devices and systems. Lower insurance premiums prompted millions of business and consumers to install fire and security systems. Through this project, financial incentive structures–tying minimum security standards and practices to the sale and pricing of cyber insurance policies or to capital investment decision-making – will be applied to industrial IoT deployments across industries.
During the past year, more than 24 companies, governments, organizations and universities have collaborated with the Centre for the Fourth Industrial Revolution to co-design the Industrial IoT Safety and Security Protocol. This first-of-its-kind policy framework generates an understanding of how insurance can facilitate the improvement of industrial IoT security design, implementation and maintenance practices. It also sets forth a universal set of security best practices that should be incorporated in all industrial IoT deployments. The Protocol is now being implemented and tested across industries, starting with the aviation and electricity sectors.
The Forum is recruiting leading companies, governments, organizations and experts to pilot these initiatives. To learn more: http://www.wef.ch/WEF-secure-IoT.
The Centre for the Fourth Industrial Revolution Network brings together governments, leading companies, civil society and experts from around the world to co-design and pilot innovative approaches to the policy and governance of technology. Its vision is to shape the development and use of technology in ways that maximize the benefits and minimize the risks. The network develops, implements and scales up agile and human-centred pilot projects that can be adopted by policy-makers, legislators and regulators worldwide.
Centre for the Fourth Industrial Revolution Network: https://wef.ch/C4IRNetwork
View Forum photos at http://wef.ch/pix
Read the Forum Agenda at http://wef.ch/agenda
Become a fan of the Forum on Facebook at http://wef.ch/facebook
Watch Forum videos at http://wef.ch/video
Follow the Forum on Twitter via @wef and @davos
Follow the Forum on Instagram at http://wef.ch/instagram
Follow the Forum on LinkedIn at http://wef.ch/linkedin
Learn about the Forum’s impact on http://wef.ch/impact
Subscribe to Forum news releases at http://wef.ch/news
The World Economic Forum, committed to improving the state of the world, is the International Organization for Public-Private Cooperation.
The Forum engages the foremost political, business and other leaders of society to shape global, regional and industry agendas. (www.weforum.org).
All opinions expressed are those of the author. The World Economic Forum Blog is an independent and neutral platform dedicated to generating debate around the key topics that shape global, regional and industry agendas.