The impact of cybersecurity in the energy industry

Cyber resilience is a challenge for organizations globally and for the electricity industry in particular. Power systems are among the most complex and critical of all infrastructure types and act as the backbone of economic activity.

Large-scale incidents such as blackouts can have socio-economic ramifications for households, businesses and vital institutions. For example, a six-hour winter blackout in mainland France could result in damages totalling over €1.5 billion ($1.7 billion).

In 2018, the World Economic Forum Centre for Cybersecurity and the Platform for Shaping the Future of Energy, Materials and Infrastructure launched the Cyber Resilience in the Electricity Industry initiative to improve the cyber resilience of global electricity infrastructure. This initiative brought together leaders from more than 50 businesses, governments, civil society and academia to collaborate and develop a clear and coherent cybersecurity vision for protecting the power infrastructure.

Building on the first phase of the initiative, the Forum is now developing a unique exchange platform for cybersecurity leaders across the electricity industry in collaboration with Dragos, EDP, Enel, Hitachi Energy, Iberdrola, Naturgy, Ørsted, Schneider Electric, Siemens Energy, Southern and Vestas. This new platform serves as a central hub where industry experts can exchange knowledge, ideas and best practices to improve cyber resilience as a whole.

By bringing together the leading minds in cybersecurity worldwide, the initiative is fostering collaboration and innovation in this critical field, with the ultimate goal of enhancing the security and reliability of the electricity infrastructure that powers the modern world.

What are the challenges of cybersecurity in the energy industry?

The unprecedented pace of technological change driven by the Fourth Industrial Revolution means that health, transport, communication, production and distribution systems will demand rapidly increasing energy resources to support global digitalization and the advancement of interconnected devices.

Digitalization is driving growth and innovation in the electricity industry and has tremendous potential to deliver shareholder, customer and environmental value. However, new technologies and business models affecting operating assets present both opportunities and risks.

In the past, managing these risks had only meant dealing with issues such as component failure or weather damages, while today’s resilience plans must consider cybersecurity-related threats.

Our approach to strengthening cybersecurity in the energy industry

The Cyber Resilience in the Electricity Industry programme focuses on three main pillars:

- Developing scenarios and use cases that industry executives and boards can use to create a culture of cyber resilience and good governance in the electricity sector.
- Improving the implementation of cyber resilience regulations by fostering dialogue between policy-makers and businesses.
- Improving supply chain resilience by establishing standards for cybersecurity roles and responsibilities across all stakeholders involved to ensure that every entity is taking appropriate steps to protect against cyberthreats.

The initiative has published a series of reports to guide chief executives and board members in meeting the unique challenges of managing cyber risks:

- Cyber Resilience in the Electricity Ecosystem: Principles and Guidance for Boards
- Cyber Resilience in the Electricity Ecosystem: Playbook for Boards and Cybersecurity Officers
- Cyber Resilience in the Electricity Ecosystem: Securing the Value Chain

In 2021, following a request from the European Commission (EC) Energy Directorate, the initiative also developed a collection of 15 lessons learned and recommendations for improvement on the new EC Cybersecurity Directive considering the implications of supply chain attacks and other systemic risks for cybersecurity in the energy industry.

How artificial intelligence can help transform Europe’s health sector

A high-standard health system, rich health data and a strong research and innovation ecosystem are Europe’s key assets that can help transform its health sector and make the EU a global leader in health-related artificial intelligence applications.
The use of artificial intelligence (AI) applications in healthcare is increasing rapidly.
Before the COVID-19 pandemic, challenges linked to our ageing populations and shortages of healthcare professionals were already driving up the adoption of AI technologies in healthcare.
The pandemic has all but accelerated this trend. Real-time contact tracing apps are just one example of the many AI applications used to monitor the spread of the virus and to reinforce the public health response to it.
AI and robotics are also key for the development and manufacturing of new vaccines against COVID-19.
A fresh JRC analysis shows that European biotech companies relying on AI have been strong partners in the global race to deliver a COVID-19 vaccine.
Based on this experience, the analysis highlights the EU’s strengths in the “AI in health” domain and identifies the challenges it still has to overcome to become a global leader.
High standard health system safeguards reliability of AI health applications
Europe’s high standard health system provides a strong foundation for the roll out of AI technologies.
Its high quality standards will ensure that AI-enabled health innovations maximise benefits and minimise risks.
The JRC study suggests that, similarly to the General Data Protection Regulation (GDPR), which is now considered a global reference, the EU is in a position to set the benchmark for global standards of AI in health in terms of safety, trustworthiness, transparency and liability.
The European Commission is currently preparing a comprehensive package of measures to address issues posed by the introduction of AI, including a European legal framework for AI to address fundamental rights and safety risks specific to the AI systems, as well as rules on liability related to new technologies.
Strong European research ecosystem supported by EU funding
At the moment, the EU is already well positioned in the application of AI in the healthcare domain - slightly behind China but on par with the US.
But judging from the EU’s research capacities, there is more potential.
The JRC analysis notes the strong investment of European biotech companies in research: in the EU, almost two thirds of all medical AI players are involved in research, against approximately one-third in China.
Consequently, Europe has a strong and diversified research and innovation ecosystem in the area of AI in health.
European companies are particularly strong in health diagnostics, health technology assessment, medical devices and pharmaceuticals.
The EU’s research framework programmes play an important role in the European research and innovation landscape in this domain.
A JRC report published in 2020 indicates that 146 projects linked to AI in health have been launched under the Horizon 2020 framework programme.
The funding of AI in health related projects has been increasing over time, reaching over €100 million in 2020.

Public launch of MIDAS: the models behind EU policies

The European Commission opens the MIDAS inventory to the public, providing a user-friendly platform to explore the models used to support evidence-informed policymaking in the EU.
The new public version of MIDAS, the Modelling Inventory and Knowledge Management System, helps anyone explore any of the 35 models used for impact assessments since 2017.
The information available on the platform can help everyone to better understand the evidence used by the Commission when designing and evaluating policies that address today’s big challenges.
As well as providing useful documents and references, MIDAS explains how each model supported the analysis carried out for each impact assessment - indicating the leading Commission department, who runs the model, and which impacts it has helped to assess.
For each model, MIDAS also gives information on:
- Structure : details on the modelling approach, data inputs and outputs, spatial and temporal extent and resolution;
- Transparency: The extent to which underlying data, model results, code and documentation are available and accessible;
- Quality : if and how uncertainties are quantified and accounted for, if sensitivity analysis has been done, if the model has been peer reviewed or validated, if results are published in peer reviewed journals.
The Commission makes extensive use of models to support policymaking, from their initial design to evaluating their environmental, economic and social impacts. Models are used in many policy areas, such as agriculture, the environment, transport, economics and fisheries.
For example, the Commission recently used modelling to assess the feasibility of committing to EU climate neutrality by 2050, and of the 2030 Climate Target Plan, which raises the EU's ambition on reducing greenhouse gas emissions to at least 55% below 1990 levels by 2030.
By clearly presenting information on models that supported Commission impact assessments and making that information easy for the public to navigate, MIDAS encourages scrutiny of the quality of evidence provided by modelling and the exchange of good practices in model use.
The aim is to give everyone - whether it’s research bodies, decision makers or the general public - confidence in the contribution that these models make to better policy design and evaluation.