The future of the power industry will be shaped by a range of disruptive themes, with cybersecurity being one of the themes that will have a significant impact on power companies.A detailed analysis of the theme, insights into the leading companies, and their thematic and valuation scorecards are included in GlobalData’s thematic research report,Cybersecurity in Power – Thematic Research. Buy the report here.
The importance of cybersecurity has increased with the adoption of more and more digital devices. This trend is set to continue in the future as technologies such as augmented reality (AR), artificial intelligence (AI), drones, and others increase in their utility through technological advances. As their adoption increases, so the threat of cyber-attacks will also rise. Global cybersecurity spending in the energy sector is headed for strong growth in the first half of the 2020s, with a compound annual growth rate of 9.1% between 2019 and 2025.
The benefits of digitalisation are wide-ranging, but cybersecurity is the Achilles’ heel of digitalisation. Given the destructive nature of a cyber-attack on a power company, ensuring resolute cybersecurity is just as important as any attempts to digitalise assets and processes.
However, not all companies are equal when it comes to their capabilities and investments in the key themes that matter most to their industry. Understanding how companies are positioned and ranked in the most important themes can be a key leading indicator of their future earnings potential and relative competitive position.
According to GlobalData’s thematic research report, Cybersecurity in Power, leading adopters include: Iberdrola, Engie, Duke Energy, E.ON, Electricite de France, Duke Energy, General Electric and Siemens.
Insights from top ranked companies
Iberdrola is a major Spanish energy utility. In recent years, the company has made a considerable investment in digitisation efforts and the smart grid, and this has made cybersecurity a prime concern for the company. In December 2019, the company joined the European Network for Cyber Security (ENCS), to help with ENCS’ work to boost the energy industry’s cyber defences. This membership will help Iberdrola reap the benefits of ENCS’ knowledge base along with training activities or events, while it contributes its own competence to boost the protection of their shared critical infrastructure.
Iberdrola scored five out of five on the power utilities scorecard for cybersecurity. In 2021 alone it mentioned cybersecurity 62 times in its company filings, the fourth-highest power utilities company globally, according to GlobalData’s Company Filings Database. The company also hired 65 people in cybersecurity roles in 2021.
Engie is a major French electric utility. Engie Group, through ENGIE Laborelec, which is the company’s utility research division, carries out cybersecurity assessments across all types of IoT devices along with embedded systems, and its major emphasis is on devices and systems that are utilised in industrial environments. ENGIE Laborelec has also partnered with Tata Consultancy Services (TCS), to jointly develop cybersecurity products and services for the utilities sector, helping it to deal with new cybersecurity attacks in the area of industrial cybersecurity.
Duke Energy is an integrated energy utility in the US. The company has been a leader in implementing cybersecurity measures and has built layers of security to provide rapid detection and response to possible cyberattacks. Duke Energy is making its electric grid more secure, so that it can withstand and protect against the growing threats of cyber-attacks. With multiple layers of security, company experts can quickly identify threats, protect essential systems and equipment, and properly isolate any impacted devices or systems.
To further understand the key themes and technologies disrupting the power industry, access GlobalData’s latest thematic research report on Cybersecurity in Power.
Frequently asked questions
1. Why are Power companies investing in cybersecurity?
Power companies are investing in cybersecurity to protect their critical infrastructure from cyberattacks, which can cause significant disruptions to their operations and have cross-sector implications. The energy sector is the primary target of cyberattacks, with 16% of all cyberattacks aimed at the sector in 2020. Power companies recognize the importance of cybersecurity in maintaining their profit margins and investment in renewable energy, which is critical in the energy transition
2. How do cyberattacks impact the Power industry?
Cyberattacks can cause significant disruptions to the operations of power companies, leading to power outages and other disruptions. For example, the end-user of Ukraine faced a cyber-attack, leaving hundreds of thousands of Ukrainians without power for up to 6 hours. Cyberattacks can also have cross-sector implications, affecting the functioning of a country's economy.
3. Which Power companies are leaders in cybersecurity adoption?
Some of the leading Power companies in cybersecurity adoption include Duke Energy, Engie, E.ON, Electricite de France, Iberdrola, Duke Energy, General Electric, and Siemens.
4. Who are the leading vendors of cybersecurity to the Power industry?
Some of the leading vendors of cybersecurity to the Power industry include Zscaler, Cisco, Netskope, Fortinet, CrowdStrike, VMware, Microsoft, Splunk, Exabeam, Trend Micro, Palo Alto Networks, Sentinel One, Proofpoint, Broadcom, Check Point Software, IBM, and Micro Focus.
5. How does increased investment in cybersecurity benefit Power companies?
Increased investment in cybersecurity can help Power companies protect their critical infrastructure from cyberattacks, maintain their profit margins, and continue their investment in renewable energy. It can also help them comply with government cybersecurity regulations and compliance, achieve effective governance, and comply with ESG standards.
6. What are the challenges with adoption of cybersecurity in Power?
One of the challenges with the adoption of cybersecurity in Power is the advanced and capital-intensive nature of semiconductor manufacturing, which makes investing in chip fabrication and foundry to ensure chip-based security a misguided investment. Another challenge is the proliferation of smart meters around the world, which requires consumers to pay more attention to ensuring cybersecurity in their homes.
7. What is the projected market size of cybersecurity in Power?
Global cybersecurity revenues in the in the energy sector are expected to grow at a CAGR of 9.1% between 2019 to 2025.
8. Who are the leading specialist cybersecurity vendors in Power?
Some of the leading specialist cybersecurity vendors in Power include Bitdefender, Claroty, Nozomi Networks, Rhebo, Siemens (Eos.ii), Kognitiv Spark, and Mission Secure
9. What are the components of the cybersecurity value chain?
The components of the cybersecurity value chain include hardware, software, and services such as unified threat management, vulnerability management, application security, managed security services, risk and compliance services, post-breach response services, identity management, data security, email security, network security, threat detection and response, cloud security, and endpoint security.