Energy Transition

Bringing together the offshore wind industry to mature cybersecurity

Computer generated 3D illustration with an offshore wind turbine

Offshore wind power capacity is expanding rapidly. Image: Getty Images/iStockphoto

Liv Astri Hovem
Chief Executive Officer, DNV Accelerator, DNV
Leo Simonovich
Vice-President; Global Head, Industrial Cyber and Digital Security, Siemens Energy
This article is part of: Centre for Cybersecurity
  • Offshore wind power is as a critical resource in the rapid shift towards renewable energy, but is also now a target of frequent cyberattacks.
  • Two-thirds of energy professionals say their infrastructure is more vulnerable to cyber threats than ever, making guidance more vital than ever before.
  • DNV and Siemens Energy have launched a joint industry project to offer practical guidance on cybersecurity for offshore wind providers.

Offshore wind power capacity is expanding rapidly as countries across the world seek to meet their clean energy targets with a critical and dependable resource – but as the sector grows, so do the cyber threats against it.

Installed wind capacity globally will double to around 2 terawatts (TW) by 2030 and increase to around 6TW by 2050, according to DNV’s Energy Transition Outlook forecasts. Unlocking access to strong, abundant wind resources gets easier when the industry can demonstrate increasing reliability, decreasing operational costs and additional revenue streams like ancillary services.

Have you read?

Digital devices play central roles in ever-improving reliability, efficiency, and remote diagnostics. To function, these systems will need to be networked and continuously in communication with onshore control centres – and will need protection from cyber threats.

DNV and Siemens Energy recently took an important step on cybersecurity for offshore wind by launching a joint industry project that aims to make it easier to continue and accelerate offshore wind’s contribution to global clean energy production.

The OT Cyber Security for Offshore Wind joint industry project will provide practical guidelines to help offshore wind developers, regulators and operators build and operate systems that meet recognized cybersecurity standards.

Rising cyber threats affect wind power

Cyber threats against critical infrastructure have escalated. Energy producers make appealing targets for a wide range of attackers, including criminal enterprises seeking immediate financial gain to countries seeking future disruption of rival economies.

More than half (59%) of the 600 energy professionals surveyed by DNV for its Energy Cyber Priority 2023 research said their organization would invest more in cybersecurity during 2023–24, with this rising to 71% among power and renewables professionals. Two thirds (64%) of energy professionals said their organization’s infrastructure was more vulnerable to cyber threats than ever.

Wind power is affected by this escalating cyber threat environment. Its growth as a backbone of major economies – and its reliance on networked digital devices – make it a target. In 2022 alone, three different cyberattacks affected wind power production in Germany – including disrupting communication with offshore wind facilities.

These attacks highlighted the importance of having a cyber resilient supply chain, where developers, operators, original equipment manufacturers (OEMs), wind turbine and component manufacturers, digital infrastructure providers (such as ISPs) and network operators (such as transmission system operators) work together to develop and maintain cyber resilient offshore wind parks.

Several entities develop and publish cybersecurity standards for industrial networks, but none to date articulate how to implement these systems. For example, the IEC 62443 family of standards is often used to assess wind facilities, and the EU’s new NIS2 regulations will apply to wind power.

Although in each case it is clear what the final product must achieve, there is no standard set of procedures that shows companies how to achieve it. As a result, the approach to offshore wind cybersecurity worldwide is fragmented and non-standardized, both in terms of regulation and in terms of practice.

We believe the time is right for clear, actionable guidance for securing offshore wind against cyber threats across the offshore wind supply chain. Our joint industry project will collect wisdom and insights from across the industry to produce a recommended practice.

The recommended practice will help organizations around the world standardize the approaches taken to create cybersecurity for offshore wind. It will reduce uncertainty about how to proceed and whether a given approach will produce strong security. We hope that it will reduce the fragmentation of regulatory approaches across markets and unlock supply chain benefits that come with greater standardization.

Providing guidance to wind power industry

Creating a broadly applicable, clear, and widely adopted set of practices will require insights and contributions from offshore wind practitioners around the world and across the supply chain.

DNV brings more than 40 years of experience in wind energy and industrial cybersecurity to the joint industry project. The company publishes a broad range of standards and recommended practices to advance safety, security and efficiency in the energy industry and other industrial sectors. Meanwhile, Siemens Energy brings its expertise as an original equipment manufacturer and a leader in energy sector cybersecurity.

Discover

How is the World Economic Forum facilitating the transition to clean energy?

Based on the enthusiastic response to our joint industry project’s announcement at the Hamburg Wind Energy Conference in September, we look forward to drawing on the expertise and global reach of many more partners – the invitation to join remains open.

As the offshore wind industry builds out the technologies, strategies and infrastructure used to manage wind power production, storage and distribution, cybersecurity can and should be among the design considerations.

Done well, cybersecurity can protect the systems that reduce costs and unlock new revenue streams. It can build trust in offshore wind – and accelerate the growth of this vast clean energy resource.

Don't miss any update on this topic

Create a free account and access your personalized content collection with our latest publications and analyses.

Sign up for free

License and Republishing

World Economic Forum articles may be republished in accordance with the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International Public License, and in accordance with our Terms of Use.

The views expressed in this article are those of the author alone and not the World Economic Forum.

Stay up to date:

Cybersecurity

Share:
The Big Picture
Explore and monitor how Cybersecurity is affecting economies, industries and global issues
A hand holding a looking glass by a lake
Crowdsource Innovation
Get involved with our crowdsourced digital platform to deliver impact at scale
World Economic Forum logo
Global Agenda

The Agenda Weekly

A weekly update of the most important issues driving the global agenda

Subscribe today

You can unsubscribe at any time using the link in our emails. For more details, review our privacy policy.

Keeping renewables clean: the lessons to be learnt from Ukraine’s green energy transition

Maxim Timchenko

December 9, 2024

Unlocking renewable energy future in emerging markets

About us

Engage with us

  • Sign in
  • Partner with us
  • Become a member
  • Sign up for our press releases
  • Subscribe to our newsletters
  • Contact us

Quick links

Language editions

Privacy Policy & Terms of Service

Sitemap

© 2024 World Economic Forum