Cybersecurity and Renewable Energy: Is the Industry Prepared for a Major Cyberattack?

Cybersecurity and Renewable Energy: Is the Industry Prepared for a Major Cyberattack?
Loren Henry


July 17, 2020

In the first quarter of 2020, the U.S. wind industry installed more than 1,800 megawatts of new capacity, resulting in 11 new projects with a total capacity of 1,821 MW operations, nearly doubling the number of installations compared with the first quarter in 2019.

Along with rapid growth, today’s energy industry is also undergoing rapid digitalization to improve operational efficiencies and cut costs. However, the emergence of smart grids and other technological advances has also made the energy industry a very attractive target for cybercriminals.

Anticipating an Uptick in Cybersecurity Risks
According to The World Energy Council, there has been a massive increase in the number of successful cyberattacks in recent years, and the organization fears that those in the industry may be unprepared to deal with new and emerging cyberthreats.

Last year, the Department of Energy reported four cybersecurity events. One of the more notable events was in March of 2019, when the electrical grid operations in Los Angeles County, California, and Salt Lake County, Utah, were interrupted by an easily preventable distributed-denial-of-service attack. Although the interruption of service for all four events was minimal, it calls into question whether the energy industry is prepared for a much larger widespread and sophisticated attack.

Anticipating an increased risk in cyberattacks, the Department of Energy released a five-year strategy to help the industry more effectively combat the risk of power disruptions caused by an attack, by focusing on threat-sharing, supply chain risks, and the research and development of more resilient energy systems. A similar report was released by the National Institute of Standards and Technology (NIST) to provide guidance on securing energy environments and for adding better in-network threat detection with security controls based on the likelihood of deception.

Today, a successful cyberattack has the potential to cause damage to electronic resources as well as to damage a project’s physical assets through the forced maloperation of components, impact its finances by disrupting generation, or create national or regional energy security risks in the event of large-scale grid blackouts. As potential attack surfaces expand, and attacks become more sophisticated, it’s critical for your energy clients to be prepared with a comprehensive cybersecurity program to identify potential vulnerabilities to best mitigate risks.

From wind to solar, hydroelectric to biomass, we’re helping renewable energy businesses nationwide meet the specialized insurance challenges of the rapidly growing renewable energy sector. The Worldwide Facilities energy team can provide unique insurance solutions to issues that arise in this ever-changing industry.

To learn more about our expanded energy markets and comprehensive risk management programs, please contact Loren Henry at or 619-541-4265. 

Looking for a specific solution?