Cyber Resilience in the Electricity Ecosystem

Cyber Resilience in the Electricity EcosystemWorld Economic Forum

Résumé: From its inception, the electricity industry has been thorough in addressing security risks in order to protect critical infrastructure and ensure continuity and quality of power supply. Companies have invested in resilient grid design and implemented incident and crisis management procedures and business continuity plans to face physical attacks and weather events, such as large storms. But with increased automation and digitization, electricity companies are exposed to new cybersecurity risks that are testing the resilience of the power infrastructure. In this new context, business leaders and regulators struggle to identify the best countermeasures to mitigate these risks and must embrace a collaborative and risk-informed approach to adapt and ensure a resilient ecosystem.

To reflect on the unique challenges that the electricity industry is facing in properly understanding and addressing cybersecurity risks, spanning both the information technology (IT) and operational technology (OT) environments, the World Economic Forum has brought together a group of more than 50 senior executives from utilities, technology manufacturers, government entities and academic institutions with the goal of enhancing cyber resilience across the electricity ecosystem.

It has been a privilege to work with this very engaged community of purpose. I hope other companies in the industry will find value in the insights shared and tools developed and will be compelled to actively collaborate with other ecosystem agents to enhance cyber resilience not only within their companies, but across the electricity ecosystem as a whole.

Maintaining cyber resilience across the ecosystem is a challenge for all organizations and a significant priority for critical infrastructure sectors such as electricity. Furthermore, the COVID-19 crisis is having a dramatic impact on our society and has forced everyone to become heavily reliant on the internet and its digital economy.

Systems of Cyber Resilience: Electricity is a public-private collaboration initiative with the objective of enhancing cyber resilience across the electricity ecosystem. It is the one place in the world where chief information security officers (CISOs), experts and policy-makers can convene in a trusted, neutral environment, and focus on advancing global cyber resilience in the electricity ecosystem.

We hope that this paper, the result of a collaborative effort, helps leaders to strategically manage information risks, work towards a culture of shared cyber-risk ownership across the organization and take a more strategic approach to cyber resilience. Effective cyber resilience requires a combined, aligned multidisciplinary effort to move beyond compliance to cohesive business and digital enablement.

Télécharger