icon icon
Siemens Energy cybersecurity key visual

Cybersecurity – protecting what we value

What comes to mind when you think of cybersecurity? Hackers and firewalls? It's about much more. It's about protecting valuable assets, securing the operation of critical infrastructure, and protecting sensitive data and intellectual property. At Siemens Energy, a large number of top experts work day-to-day to ensure such security and make the difference.

Why cybersecurity? A topic that’s growing in importance

Malicious hacker attacks on companies, industrial plants and infrastructure facilities are unfortunately commonplace these days. With the growing level of digitalization and expanding Industrial Internet of Things (IIOT), risks of hacking attacks are increasing not only on a company’s IT but especially on its operational technology (OT).

icon Download our cybersecurity flyer (English)
icon Download our cybersecurity flyer (German)

Six key global trends making cybersecurity a top priority

Icon cybersecurity growing risks for business

Growing risks for business

Cyber incidents ranked globally as the most important business risk in the eleventh Allianz Risk Barometer 2023. Cyber incidents have become increasingly damaging and expensive for companies – and often lead to lawsuits and litigation after the event.

Icon cybersecurity technological changes

Technological changes

By 2023, there will be over three times more networked devices on our planet than humans, according to Cisco’s latest Annual Internet Report analysis and forecast. Roughly half of all global connections will be from machine to machine.

Icon cybersecurity talent shortage

Talent shortage

The 2022 Cybersecurity Workforce Study examined the global talent shortage in the field and found that companies could use 3.4 million additional cybersecurity experts, while 4.7 million people are already working in cybersecurity - the highest number ever recorded. 

Icon cybersecurity professional hacking

Professional hacking

Nation-state players and cybercrime organizations are intensifying their activities in the cyberspace. The COVID-19 pandemic and geopolitical developments have provided them with new opportunities to target businesses, government organizations, infrastructures, and individuals worldwide.

Icon cybersecurity laws and regulations

Laws and regulations

Personal data protection and privacy laws are rapidly evolving in the United States and other countries throughout the world. While some regions, such as the European Union (GDPR), have adopted a more rigid and comprehensive approach, other countries are embracing more sectoral and self-regulated ideologies.

Icon cybersecurity customer requirements

Customer requirements

Cybersecurity is becoming an essential baseline requirement for contracting in both the public and private sectors. Only companies that are able to prove they meet high cybersecurity requirements will be shortlisted for contracts.

icon
icon

How 'defence in depth' can repel energy sector cyberattacks

Drawing "Defending energy against its enemies"

Industrial cybersecurity is crucial to keep the lights on. Power plants and grid operators must be aware of the risks they face and the security concepts necessary to protect our energy infrastructure. With the ever-changing threat landscape, adapting to new technologies and sophisticated attacks is a constant challenge. Security by design is essential to reduce the attack surface from the start.

Read the article
Picture of Vinod Philip, Member of the Executive Board of Siemens Energy

In an increasingly digital world, cybersecurity is both a necessity and an opportunity. We at Siemens Energy have the chance to lead the way as a thought leader, market shaper and key enabler. With a strong management focus and close cross-business collaboration, we are integrating cybersecurity into our company and innovation strategy.

Vinod Philip, Member of the Executive Board of Siemens Energy

Taking the right measures

Businesses today face cyberattacks on a number of fronts. In so-called ransomware attacks, for example, attackers seek to lock companies out of their own IT systems so they can extort substantial ransom sums. Other criminal groups attempt to sabotage energy supplies by attacking power plants or electricity grids.

The damage to companies and national economies can be immense. According to researchers, the average cost of a ransomware attack is $4.54 Million. And by 2031, a new ransomware attack is projected to occur every two seconds and cost its victims $265 billion annually.

But if the right measures are taken, there can be effective protection against such attacks. Siemens Energy is a leader in the field of industrial cybersecurity, backed by comprehensive expertise and many years of experience. We have developed highly effective concepts and approaches to help our customers secure themselves against any type of cyberattack.

Applying a holistic security concept

Cybersecurity must be viewed as a whole. At Siemens Energy, our job is to ensure the security of entire value chains and system lifecycles. We are exposed to and must neutralize an increasing number of security risks. Similarly, our customers have to deal with security risks, and they don’t want to have these risks increased by the use of our products, solutions, and services.

Providing secure products, solutions, and services for our customers not only requires secure development, engineering and operation from our side. Just as important is ensuring the security of the associated Siemens Energy infrastructure, premises and people. We ensure that all relevant components and processes are seamlessly integrated into a well-fortified overall system to ensure fully protected operation.

Two women sitting in front of computer screens

Industrial cybersecurity

A woman and a man stand in front of computer screens, with IT components in the background

Our Product and Solution Security (PSS) initiative enables our customers to securely operate and maintain their facilities. As an integrator and contractor, we provide state-of-the-art cybersecurity solutions including secure products that meet all legal requirements. To address risks, challenges and opportunities, Siemens Energy maintains a management system for PSS and controls risks in a systematic way.

Relying on proven mechanisms, we ensure the integrity of our portfolio by leveraging secure-by-design and defense-in-depth concepts. Our products and processes are based on international security standards such as IEC 62443. We ensure our technology leadership by continuously enhancing our products, systems, solutions, and services with state-of-the-art cybersecurity features.

Active cyber risk management

The integrated Cybersecurity Risk Management Framework at Siemens Energy aims at safeguarding all relevant company assets against cyber threats by managing associated risks. We combine information from various sources to actively monitor, communicate and mitigate critical cyber risks in close collaboration with our colleagues from within the business.

Our Cybersecurity Risk Management Framework is based on ISO 27005 and aligned with industry best practices. By constantly evolving our tools, methods, and processes, we support the achievement of corporate objectives, the protection of company assets and financial sustainability.

A woman sits in front of computer screens in a control room
icon Download our cybersecurity flyer (English)
icon Download our cybersecurity flyer (German)

Cybersecurity for our customers

icon
Report potential incidents or subscribe to security advisories

Our team of security experts for incident response and issues affecting Siemens Energy products, solutions, services, and infrastructure.

Siemens Energy CERT services

Cybersecurity solutions and services

Cybersecurity for the oil and gas industry

Like critical industries everywhere, oil and gas operations – upstream, midstream, and downstream – make prime targets for cyber threats of all kinds. Siemens Energy provides a complete portfolio of cybersecurity solutions from assess and plan over protect to detect and respond solutions.

More
Cybersecurity for power transmission

Critical infrastructure like power transmission systems are increasingly becoming the focus for cyber-attacks. Our comprehensive HVDC and FACTS cybersecurity service portfolio includes the identification of cyber vulnerabilities, the protection of all systems from cyber threats, including a fast service response to cyber incidents, and finally consulting and awareness trainings.

More
Sensformer® and Cybersecurity

The Sensformer® IoT device allows key transformer data such as oil temperature, oil level and inductor current to be securely sent to a cloud service with the help of automatic registration and cryptographically secured communication between the device and the cloud service.

More

Cybersecurity news at Siemens Energy

Industrial site

Looking through the industrial cyber portal

  • The Energy Industry Times Editor-in-Chief Junior Isles reports on Siemens Energy's industrial cyber security portal that simplifies the integration of cyber security into each project.

Read more
People talking about cybersecurity innovations

Four reasons why innovation in cybersecurity needs diversity

  • LinkedIn article by Dr. Judith Wunschik, Chief Cybersecurity Officer & Global Head of Cybersecurity at Siemens Energy, on why diversity has a positive impact on corporate innovation and cybersecurity.

Read more
Siemens Energy Innovation Center

Cyber security: the need for organised innovation

In this trade press article from The Energy Industry Times, editor-in-chief Junior Isles hears how Siemens Energy is taking an organised approach to managing cyber security innovation.

Read more
Annie Priljeva, Head of Cybersecurity Third-Party Risk Management, Siemens Energy

How to protect your business from a supply chain cyber-attack

Trade press article from Smart Energy International in which Annie Priljeva, Head of Cybersecurity Third-Party Risk Management at Siemens Energy, explains how her team ensures cybersecurity risks are identified and managed throughout the supply chain.

Read more
Infographic cybersecurity SPPA-T3000 control system

IEC certification for SPPA-T3000 control system

  • LinkedIn article by Timo Hirsch, Vice President Central & Eastern Europe - Controls & Digitalization at Siemens Energy, on IEC 62443-3-3 and IEC 62443-4-1 certification from TÜV SÜD for the SPPA-T3000 control system. 

Read more
Cybersecurity collage

Cybersecurity for the energy world

  • “We protect what’s mission critical – Cybersecurity for the energy world” – LinkedIn article by Siemens Energy Executive Board Member Tim Holt on the importance of cybersecurity for the energy industry.

Read more
EOS.ii logo

Intelligent illumination for IoT cyber defense

  • Eos.ii™ is the first AI-based monitoring and detection platform that can serve as the foundation for securing industrial IoT in an era of persistent cyberattacks.

Read more
Computer chips on a wall

Cooperation with NATO at “Locked Shields"

  • Siemens Energy was one of a few companies to support the “Locked Shields” high-level cyber defense exercise conducted by the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) in April 2021.
  • Experts from Siemens Energy's cybersecurity organization simulated, among other things, an attack on key energy infrastructure facilities.

Read more
icon
icon