The study identifies five major challenges for the energy sector: securing physical infrastructure, strengthening supply chain security, improving employee training, adopting AI-driven cybersecurity measures, and fostering collaboration across the industry. Notably, 71% of respondents recognize that their OT systems are more exposed to cyber incidents than their IT counterparts, with 57% admitting their OT defenses lag behind IT protections.
Emerging technologies like AI, IoT, and remote operations are seen as essential for innovation, but they also expand the attack surface. For instance, 83% of professionals see advanced data analytics as a priority for investment, while 66% are concerned about the use of AI by attackers to launch more convincing phishing attacks. Despite advancements in training, 76% worry that their cybersecurity programs are not sophisticated enough to combat evolving threats.
The report emphasizes that energy companies must adapt to a reality where cyberattacks are inevitable. Building resilience involves proactive measures such as simulations, advanced employee training, and adopting “evergreen standards” to keep legacy systems secure. DNV also highlights the importance of supply chain transparency, with only 16% of professionals expressing confidence in their visibility over third-party vulnerabilities.
Leo Simonovich, VP at Siemens Energy, notes that cyber threats are the biggest barrier to adopting advanced digital technologies like cloud and AI in the energy transition. A cyberattack in digitally native infrastructure, such as renewable energy systems connected to the cloud, could spread more rapidly than in traditional environments.
Collaboration is key, as the report calls for energy companies to work closely with vendors, governments, and regulators to mitigate systemic risks. Sharing information on breaches and near-misses, as well as resetting the relationship between cybersecurity teams and broader business functions, will be critical in addressing these challenges.
DNV concludes that the energy industry’s ability to drive innovation while safeguarding its infrastructure will depend on sustained efforts to improve OT security, advance employee vigilance, and harness the potential of AI without introducing new vulnerabilities.
Source: Industrial Cyber
The European Cyber Intelligence Foundation is a nonprofit think tank specializing in intelligence and cybersecurity, offering consultancy services to government entities. To mitigate potential threats, it is important to implement additional cybersecurity measures with the help of a trusted partner like INFRA www.infrascan.net, or you can try yourself using check.website.