Firms fear cyber-attacks on new energy technology

Two-thirds (65%) of UK businesses are concerned over the cyber risks associated with new energy technology, according to a new survey conducted by professional services firm PwC.

The research, from the latest PwC B2B Energy Survey, was issued on 8 May and found that half (51%) of businesses were worried that their client data was not being handled securely enough by their energy supplier. Furthermore, three in five (57%) said that they would switch should their current energy supplier fall victim to a cyber-attack.

Increasing risks

PwC outlined how these ongoing concerns were coming at a time where energy suppliers were increasingly “delving ever deeper” into smart energy technology for both corporate and domestic markets. At the same time, businesses are actively considering the benefits of technological innovations to reduce both energy costs and carbon emissions.

The research detailed how cyber security and data privacy were increasingly being recognised as risks to systems, from power stations to smart meters. Moreover, the same can be said for batteries, electric vehicles and others which face threats from external attackers as well.

To demonstrate “the enormity” of the risks, PwC said that along with BAE Systems, it had recently uncovered a global hacking group (APT10) which was targeting providers of managed outsourced IT services.

Gaining trust

Steve Jennings, Power and Utilities Leader at PwC said that it was “vital” energy suppliers gain confidence of their customers. Jennings explained this would be done through “clearly demonstrating their ability to not only identify innovative technologies but critically to enhance their cybersecurity capabilities to respond to a range of sector specific events that could increase vulnerability.”

Niko Kalfigkopulos, PwC Cyber Specialist explained there were a number of steps smart energy suppliers can take to make sure they are operating at a “high level of cyber security maturity” while giving customers the “much needed reassurance” their data and security of supply is protected.

To this end, the report recommended that suppliers should only consider partnering with “trusted” third parties, that customer privacy should be prioritised, while suppliers should look to push for a form of industry standard product assurance. It explained this would enable them to label their devices as “approved”. This would reduce their exposure to being left at fault if a customer were to add “unapproved” devices into their network.

Kalfigkopoulous said: “With around a third of industrials and over a fifth of commercial organisations planning to spend more than £1mn on smart energy technology, the need for utilities – and smart technology suppliers in general – to get their cyber house in order is vital. Those organisations that react now with effective and transparent strategies will be the winners in the long run.

To fully bring consumers on board with the energy system transformation, it is paramount that smart energy suppliers take steps to reassure their customers that new energy technology is safe.