The Naturgy Foundation analyses the importance of cybersecurity in the new electricity distribution system
A report from the Industrial Cybersecurity Centre, published by the electricity company’s foundation, stresses the need to protect critical assets from threats stemming from increased connectivity and the deployment of digital technologies.
Today, the Naturgy Foundation presented a report entitled The new electricity distribution: cyber security in the digital transformation, compiled by the Industrial Cybersecurity Centre (CCI), via a webinar in which sector experts analysed the challenges facing electricity distribution system.
The document addresses cybersecurity challenges in one of the most important areas of energy supply, the electricity distribution system. As a sector in a fast-changing market undergoing major transformation challenges, its attempts to adapt are not new, and it has already developed the necessary digitalisation projects, incorporated cybersecurity and purchased new technologies and assets
According to Agustín Valencia, a collaborating partner at CCI and one of the authors of the report, “The power sector is facing multiple challenges, although three main areas stand out: renewable generation, distributed generation and virtual power plants, and thirdly, the digitalisation of the networks”.
The report analyses the sector’s current situation as regards cybersecurity, identifying possible hackers of industrial organisations in the power sector and their motivations, which is considered extremely important to understand how organisations are protecting themselves. It also draws a map of the many types of potential attacks, which include those affecting the supply chain.
The results of this study reveal electricity operators’ significant efforts to protect essential service infrastructure in compliance with existing and coming regulations. This will not, however, be a one-off effort: the digitalisation of the sector and the resulting increased dependency on technology will require additional expenditure in human and financial resources to mitigate this risk.
Increased investment in resources to protect essential services will also entail responsibility and investment for the supply chain.
During the colloquium that followed the presentation of the report, José Valiente, director of CCI and the discussion moderator, highlighted the “effort to make this report an awareness-raising document for trade professionals in the power sector and other areas, and their supply chains”.
Alberto Francoso, head of the Cyber Security and Cybercrime Analysis Service of the Cybersecurity Coordination Service of the Ministry of Home Affairs pointed out that “the cybersecurity calendar is different from the regulatory calendar. There can be two years between a cybersecurity need appearing and the necessary regulation being enacted. In this context, companies are making massive efforts to cope with this lack of synchronisation”. He also said that it is not advisable to speed up digitalisation to the extent that cybersecurity is left behind, and the need “for governments to organise and synchronise the regulatory maelstrom to simplify life for organisations”.
Meanwhile, Javier Casanova, Head of IT Redes Electricidad España in UFD, Naturgy’s electricity distributor, said that “the electricity distribution system is no longer just a matter of supply but has become a digital service that is impossible to exploit without bringing the technology to each distribution point. And a highly digitalised network must have excellent cybersecurity. Therefore, cybersecurity is being installed not only in networks, but also in our company’s processes”.
The head of Information Systems at UFD made it clear that “digital transformation is in UFD’s DNA. That said, people came before the technological step. Digitalisation is not a vertical, independent process; we see cybersecurity as part of each and every business process, and to achieve this, all our employees need to be involved and aware”.
Referring to digital transformation, Carlos Vargas , a member of Deloitte’s Technical-Economic Regulation Unit for the Energy Industry said that “in the highly regulated and standardised electricity distribution sector, a huge effort is needed in terms of resources as well as the effort needed for the energy transition itself, which should be suitably recognised”.
Head of IoT Security at Telefónica Vicente Segura said that “there are two scenarios in the energy transformation that must be avoided: organisations that embark on digitalisation without considering cybersecurity, and those that do not dare, precisely because of the risks of cyber security. The optimal attitude lies somewhere in between and this is found by incorporating cybersecurity from the word go. Security must be considered right from the design phase, and it must be approached as a process, not as a state. This concept of process involves ongoing evaluation and monitoring, which itself means a change in mentality. Being confident is an attitude”, concluded Vicente Segura.
At the opening of the event, María Eugenia Coronado, managing director of the Naturgy Foundation, talked about the need for this study in the light of the transformation of the electricity distribution system, a sector that has adapted well to both the energy transition and its consumers. “Regarding all these transformations and challenges, we have analysed aspects such as the evolution of companies, changes in supply chains, major current and future investments, and the boost from the EU in this regard”.
Share