Cooperation is key to effectively prevent and manage cyber risksDigital technologies enable us to improve our traditional business, as well as to tap completely new market spaces, helping to leverage the large amount of information available and to anticipate new trends. But at the same time IT risks are growing steadily. That’s why at Enel cybersecurity is a fundamental element of the digital strategy.
"Cooperation is key to effectively prevent and manage cyber risks. In today’s world, technology is becoming increasingly disruptive, making the cyber threats we face all the more frequent and sophisticated. In past years Enel has been working to adopt a systemic vision that takes into account both business drivers and IT/OT/IoT systems-specific protection objectives, defines a risk-based strategy and drives a “cybersecurity by design” model, boosting the resilience of infrastructure and applications to face cyber threats and risks. With the signing of the Charter of Trust for a Secure Digital World, we are formalising our commitment to an increasingly coordinated approach to cybersecurity by merging info and real-time data sharing."
The Enel Group operates in complex and diverse global environments, which also determine its level of data, asset, and people exposure. Digital automation technology has become an increasingly core component of the energy industry to the point that its fast evolution has disrupted its traditional business model. The more technology plays a fundamental role in our business and personal life the more frequent and sophisticated the cyber threats become.
Cyber risk is growing continuously as also reported in the World Economic Forum’s survey for 2018. The likelihood of cyber attacks ranks third after extreme weather events and natural disasters. This is why cybersecurity is now a focus of both nations and businesses alike and it also represents one of the pillars of Enel’s digitalisation strategy.
Power companies are more and more dependent on automated control systems for managing their networks governed by interconnected facilities.
In the past years, Enel has worked to adopt a systemic vision, characterised by a holistic approach that integrates Business Lines with the IT sector, the Operational Technology environment and the Internet of Things. In 2017, every day the protection systems of Enel Group blocked on average: 2.8 million incoming emails because of spam or malware; 900 viruses; 500 attacks on company web sites. Over the course of the year, more than 100 hostile attacks from cyberactivists were detected and managed by Enel’s Cybersecurity team.
Enel, like many companies and nations worldwide has adopted an officially recognised global Cyber Emergency Readiness Team (CERT) and is now becoming – making it the first global power utility to do so – a signing partner of the Charter of Trust for a Secure Digital World, promoted by Siemens, an initiative in line with Enel’s commitment to building trust within our digitally connected planet. Creating a foundation of trust with governments, companies and different stakeholders is, in our view, the most effective way to achieve significant progress in cybersecurity research, in developing components that are “secure by design” as well as in regulation and standardisation. This initiative finds a perfect stage to share best practices among different players in different industrial sectors within CERAWeek, one of the most relevant energy events in the world.