The Grand Transition is reshaping the energy sector via the three interacting trends of decarbonisation, decentralisation and digitalisation. These trends are creating new opportunities that enable the transition while also presenting evolving challenges to be addressed. The opportunities and risks arising from the digitisation trend are particularly stark enabling the rapid adoption of intelligent systems and innovation through the better use of data while also increasing the energy sector’s digital vulnerability with the potential for cascade effects that could cause wider societal and economic harm. Further structural changes that fragment the market and divide responsibility complicate energy system operations and mean that the potential financial and societal impact of a cyber or digital related loss of energy supply is only growing. The energy sector needs to improve its dynamic resilience to address the evolving risks and the World Energy Council has been exploring how to support this.
As reliance on digitalised systems increases, new possible cyber vulnerabilities arise that need to be identified, assessed and managed. The growth of intermittent renewable generators such as solar and wind require the distribution system to become more dynamic, with a greater co-ordination role for system operators using digital systems and significantly increases the number of entry points for malintents. Moreover, other parts of the energy sector that had historically relied upon legacy operational systems with low levels of internet connectivity are moving to dynamic control systems reliant on digital communication that also increase the number of potential entry points.
Risks for the increasing digitalised and decentralised systems of the energy sector can have multiple stressors and origins that vary between from business as usual accidents to malicious attacks from within the systems or beyond with varying degrees of severity, duration and scale. There are already numerous examples of cyber-attacks to the energy sector, with energy listed as one of the top three sectors targeted for attack in the United States. The malicious hack in Ukraine in December 2015 was the first publicly known successful cyber-attack on a power grid, where hackers attacked the IT systems of three energy distribution companies to temporarily disrupt electricity supply to end customers.
Digital disruption to the energy sector does not only arise from malicious cyber-attacks or accidental issues but can also stem from natural phenomena such as solar storms. In 1989, the Quebec region of Canada experienced a geomagnetic storm that only lasted 90 seconds but took 9 hours for 83% of power to be restored while a further 1 million customers remained without power for a longer period. With the increasing proliferation of digital systems, the impact today would be even greater, for example with outages to satellites affecting GPS, payments systems and aviation. While the causes and outcomes of cyber disruption maybe different, there are many common steps regarding assessment, reporting, communication and containment.
The role of governments in increasing dynamic resilience is crucial at both national and international level. While good response plans and preparations can be made, it is impossible to plan for all eventualities with the scale of impacts also dependent on timing and context. Plans therefore need to be adaptive and agile to be able to respond to broader market and societal changes covering increasing electrification in transport, digital communication, electronic payments and just-in-time supply chains. In the event of a serious incident, with wider societal impacts, maintaining communication will need to be prioritised, but could be particularly problematic with loss of power. Therefore, non-electronic forms of communications should be explored.
Dynamic resilience planning will need to consider various cyber crisis scenarios (deliberate, accidental and natural events) and potential durations, but should also consider the scope for cascading impacts into other sectors and geographies. Governments and companies therefore need to be able to assess the potential consequences of an incident swiftly, implement agile recovery plans and engage relevant stakeholders appropriately. This is particularly important given the pervasive coupling of differing sectors due to digitisation and decentralisation for blurring sector boundaries that increase the risk of cascade effects. For example, restarting power systems in a black start event will need to consider financial payments, telecommunications and increasingly also transport systems, with the rise of EVs. There may also issues with the prioritisation of data centres given their wider societal role while critical data systems themselves may be compromised following a black start. For national governments, international preparedness and collaboration is also key to be able to respond to issues arising from beyond its own jurisdiction, which may not include the source of the problem nor have regulatory oversight of the manufacturer of affected equipment.
As societies increasingly electrify, digitalise and decarbonise, disruption to the power sector could have devastating implications, cascading across sectors with ever more entry-points for cyber-attacks and vulnerability to extreme weather events (a topic for another paper). Recognising this, governments around the world are putting counter measures in place. Yet in an area which is constantly evolving, the power system’s integrity remains vulnerable. Governments, industry sectors and non-convention actors in the energy system must work together to introduce and continually review policies to minimise the impact of digital disruption and enable rapid recovery from incidents when they do occur. This will require better understanding of how disruption can occur and strengthening of the most vulnerable systems, with a comprehensive assessment of potential cascading risks and public communication strategies. Finally, there should be more international and regional cooperation to improve digital resilience against universal natural hazards such as space weather, establish and share best practice.
Where companies and countries are reluctant to admit their cyber incidents, establishing and sharing best practice behaviour can be challenging. A hypothetical gaming exercise offers a potential solution to these sensitivities. The World Energy Council and Chatham House recently ran a pilot workshop using carefully curated crisis simulations and role-playing breakout groups to explore best practice in a safe environment. The inter-active approach allowed safe discussion under the Chatham House rules without the need for participants to reveal any potentially sensitive direct experience of cyber-attacks.
In conjunction with Marsh & McLennan Companies (MMC), its Dynamic Resilience Cyber Security partner, the Council is exploring how to develop the hypothetical gaming concept into a programme for roll-out across its global community of energy industry and policymakers. The first output of the new work programme will be a seminal cyber security session at the 23rd World Energy Congress called “Three Clicks to Crisis”. It will be followed by a small series of cyber security webinars hosted by the Council and MMC in late 2019 and early 2020 to start sharing knowledge across the Council’s global membership community. We look forward to work together to address this evolving challenge.