A topic that’s growing in importanceMalicious hacker attacks on companies, industrial plants and infrastructure facilities are unfortunately commonplace these days. With the growing level of digitalization and expanding Industrial Internet of Things (IIOT), risks of hacking attacks are increasing not only on a company’s IT but especially on its operational technology (OT).
Six key global trends making cybersecurity a top priority
How 'defence in depth' can repel energy sector cyberattacks
Industrial cybersecurity is crucial to keep the lights on. Power plants and grid operators must be aware of the risks they face and the security concepts necessary to protect our energy infrastructure. With the ever-changing threat landscape, adapting to new technologies and sophisticated attacks is a constant challenge. Security by design is essential to reduce the attack surface from the start.
“In an increasingly digital world, Cybersecurity is both a necessity and an opportunity. We at Siemens Energy have the chance to lead the way as a thought leader, market shaper and key enabler. With a strong focus and close cross-business collaboration we are fully integrating cybersecurity into our company strategy.”Vinod Philip, Member of the Executive Board of Siemens Energy
Taking the right measuresBusinesses today face cyberattacks on a number of fronts. In so-called ransomware attacks, for example, attackers seek to lock companies out of their own IT systems so they can extort substantial ransom sums. Other criminal groups attempt to sabotage energy supplies by attacking power plants or electricity grids.
The damage to companies and national economies can be immense. According to researchers, the average cost of a ransomware attack is $4.54 Million. And by 2031, a new ransomware attack is projected to occur every two seconds and cost its victims $265 billion annually.
But if the right measures are taken, there can be effective protection against such attacks. Siemens Energy is a leader in the field of industrial cybersecurity, backed by comprehensive expertise and many years of experience. We have developed highly effective concepts and approaches to help our customers secure themselves against any type of cyberattack.
Applying a holistic security concept
Cybersecurity must be viewed as a whole. At Siemens Energy, our job is to ensure the security of entire value chains and system lifecycles. We are exposed to and must neutralize an increasing number of security risks. Similarly, our customers have to deal with security risks, and they don’t want to have these risks increased by the use of our products, solutions, and services.
Providing secure products, solutions, and services for our customers not only requires secure development, engineering and operation from our side. Just as important is ensuring the security of the associated Siemens Energy infrastructure, premises and people. We ensure that all relevant components and processes are seamlessly integrated into a well-fortified overall system to ensure fully protected operation.
Our Product and Solution Security (PSS) initiative enables our customers to securely operate and maintain their facilities. As an integrator and contractor, we provide state-of-the-art cybersecurity solutions including secure products that meet all legal requirements. To address risks, challenges and opportunities, Siemens Energy maintains a management system for PSS and controls risks in a systematic way.
Relying on proven mechanisms, we ensure the integrity of our portfolio by leveraging secure-by-design and defense-in-depth concepts. Our products and processes are based on international security standards such as IEC 62443. We ensure our technology leadership by continuously enhancing our products, systems, solutions, and services with state-of-the-art cybersecurity features.
Active cyber risk management
The integrated Cybersecurity Risk Management Framework at Siemens Energy aims at safeguarding all relevant company assets against cyber threats by managing associated risks. We combine information from various sources to actively monitor, communicate and mitigate critical cyber risks in close collaboration with our colleagues from within the business.
Our Cybersecurity Risk Management Framework is based on ISO 27005 and aligned with industry best practices. By constantly evolving our tools, methods, and processes, we support the achievement of corporate objectives, the protection of company assets and financial sustainability.
Report potential incidents or subscribe to security advisories
Our team of security experts for incident response and issues affecting Siemens Energy products, solutions, services, and infrastructure.