LevelBlue, a provider of managed network security services and threat intelligence, has released its 2024 Futures Report: Cyber Resilience in Energy and Utilities, highlighting major challenges energy and utility leaders face as they contend with rising cyber threats and demands for technological innovation. The report emphasizes a strong focus on investing in dynamic computing and AI strategies, with 75% of leaders planning to engage more sophisticated supply chains and 85% expecting revenue and operational improvements.
Despite this optimism, concerns about increased risk persist. While 74% of respondents believe computing advancements’ benefits outweigh cybersecurity risks, 67% admit to being cautious or late AI adopters. Moreover, 79% acknowledge accepting a level of uncertainty in managing these threats.
Theresa Lanowitz, Chief Evangelist at LevelBlue, stated, “With the rise of supply chain attacks, energy and utility companies are continually reminded of their vulnerabilities. Yet, cyber resilience still isn’t treated as a critical business priority. To manage these risks effectively, leaders beyond IT must align resilience strategies with broader business objectives.”
The report also highlights vulnerabilities from third-party sources, with 78% of respondents struggling to assess supply chain risks and only 38% considering their supply chain secure. Distributed denial-of-service (DDoS) attacks are a significant concern, with 47% anticipating them as likely threats, yet 41% feel unprepared to handle such incidents.
Key findings on barriers to cyber resilience include:
- 81% face challenges undermining their cybersecurity strategies.
- 77% see digital transformation as a persistent hurdle.
- 63% believe cybersecurity is treated as an afterthought, and 68% note that efforts are often siloed.
- 73% say cyber resilience is limited to cybersecurity teams rather than being an enterprise-wide priority.
- 72% report a lack of investment in cyber resilience beyond standard cybersecurity measures.
- 81% indicate budgets are reactive rather than proactive.
- 61% report insufficient board-level understanding of cybersecurity.
- 75% are struggling to secure necessary external guidance.
The report urges leaders to balance innovation with risk management and outlines five steps to enhance resilience: identifying barriers, adopting secure-by-design principles, aligning cyber investments with business objectives, building a support ecosystem, and transforming cybersecurity strategies.
