English (US) United States Flag
English (UK) English Flag

Blog

Securing the Energy & Utilities Sector: A Call to Action in Cybersecurity

Bright blue background. Magenta accent circles. Navy cybersecurity icon. Insight Global logo.

Digital transformation is reshaping the energy and utilities sector. AI, cloud computing, and smart devices are improving efficiency, but they’re also opening the door to cyber threats. Attacks on pipelines, water systems, and power grids have shown that investment alone in cybersecurity is not enough. It’s a business-critical priority.

“The energy and utilities sector is at a turning point. Digital transformation is accelerating through the use of AI, IoT, and cloud enabled systems, but adversaries are also exploiting these same technologies to probe, disrupt, and damage critical infrastructure.”

Access the Whitepaper

Cybersecurity at a Crossroads: Why Energy and Utilities Must Act Now

The energy and utilities sector is facing a pivotal moment. As digital systems become more integrated and complex, the risks of cyberattacks grow. Utilities must act quickly to protect critical infrastructure and maintain system reliability for public trust.

Understanding the Threat Landscape

Cyberattacks on infrastructure are no longer rare. From ransomware on pipelines to breaches in water systems, the threats are real and growing. International incidents show that adversaries are coordinated and persistent. Since the invasion of Ukraine, Russia has launched several cyberattacks on Ukraine’s grid that caused limited short-duration service interruptions in some cases. Russian strikes against Ukrainian infrastructure targeted transmission facilities rather than power stations and focused on substations and hard-to-replace large power transformers (LPTs) used to step voltage up or down for long-distance transmission and local distribution, with the apparent aim of isolating and destabilizing major sections of the grid.

Spending on cybersecurity and AI is rising fast, but stakeholders want more than budgets—they want results. Investors, insurers, and regulators are demanding proof that utilities can withstand and recover from attacks.

Regulatory and Governance Foundations

The National Institute of Standards and Technology (NIST) has created frameworks like NIST Cybersecurity Framework (CSF) 2.0 and the NIST AI Risk Management Framework (AI RMF 1.0) that provide flexible tools for organizations to improve their own security protocols.

Utilities also need to follow any local or national regulations. The North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) standards establish regulations for entities that operate North America’s Bulk Electric System (BES).

The European Union (EU) has the NIS 2 Directive, an updated framework for cybersecurity, as well as the world’s first comprehensive regulation on AI with the EU AI Act.

This patchwork of suggestions and regulations points to the need for globally harmonized practices.

Strengthening Cyber Readiness Across Systems and Teams

Cyber readiness goes beyond technology. To be effective, it needs to include people, processes, and partnerships. Utilities must strengthen their defenses across infrastructure, workforce, and supply chains to stay ahead of evolving threats.

AI and Automation

AI offers powerful tools for forecasting and efficiency, but it also introduces new vulnerabilities. Without proper governance, these systems can be exploited or manipulated. Embedding cybersecurity into the AI Foundry framework ensures that trust, accountability, and security are built into the foundation of digital innovation.

Operational Technology (OT)

Many utility systems rely on outdated technology that wasn’t built with cybersecurity in mind. Protecting these assets requires specialized strategies that balance security with operational continuity.

Workforce Shortages

The demand for cybersecurity professionals far exceeds supply. Utilities need skilled teams to manage threats, but hiring and retaining talent is a growing challenge.

Supply Chain Cyber Risk

Third-party vendors can introduce hidden risks. Utilities must assess supplier security, monitor software updates, and ensure that contracts include strong cybersecurity requirements.

Building Resilience and Accountability in Cybersecurity

Cybersecurity is no longer just about prevention, but it’s about resilience. Utilities must be able to detect, respond to, and recover from incidents quickly, while demonstrating accountability to stakeholders.

This means utilities need to have tested plans in place, allowing them to restore services under pressure. That includes during blackstart scenarios where external power isn’t available.

Utilities and regulators increasingly measure resilience outcomes. Common key performance indicators include:

  • Mean Time to Detect: Average time to identify a cyber incident
  • Mean Time to Respond: Average time to contain an active incident
  • Mean Time to Restore: Average time to restore service after an outage
  • Blackstart Readiness: Ability to restore the grid without an external supply after an outage
  • Compliance Readiness: Percentage of assets aligned with NERC CIP and NIST CSF 2.0

These indicators help utilities measure their readiness and improve over time. Utilities and regulators aren’t the only ones interested in these KPIs.

Boards and investors use resilience metrics to evaluate risk, and insurers base coverage decisions on how well utilities can respond to threats. Cybersecurity posture directly impacts credit ratings and insurance coverage. Utilities that can’t demonstrate strong defenses may face higher premiums and reduced access to capital.

Looking Ahead: A Call to Action for the Sector

The energy and utilities sector is investing heavily in modernization; however, investment alone isn’t enough. Cybersecurity must be embedded into every part of the business. That means adopting zero-trust architectures, preparing for quantum threats, and integrating digital and physical security. Utilities must prove that their cybersecurity efforts deliver real resilience. With the right frameworks, skilled teams, and trusted partners, the sector can protect essential services and earn public trust.

Insight Global works with utilities across the nation to turn strategy into action. Through our professional services division, Evergreen, we partner with customers to build resilient systems and teams with cybersecurity in center of the service.

Connect with Insight Global today.

Kaveh Aflaki, Ph.D., M.B.A., is Industry Principal for Energy & Utilities at Insight Global and Evergreen, our professional services division. Connect with him on LinkedIn.

Dr. Massoud Amin is Chairman & President at Energy Policy & Security Associates. He advises Insight Global on energy and utilities. Connect with him on LinkedIn.

More Content