Managing cyber risk in the electric power sector
Emerging threats to supply chain and industrial control systems
The power sector is one of the most frequently targeted and first to respond to cyber threats with mandatory controls. But threats continue to evolve, reaching into industrial control systems and supply chains, and requiring even greater efforts to manage risk.
The network of power plants and lines connecting to homes and businesses is widely considered to be among the most critical infrastructure in the world, especially in advanced economies. It’s also one of the most frequently attacked, with consequences that could potentially reach far beyond the power sector.
This report examines the growing sources of cyber risk in the power sector, tracks the evolving threats, threat actors, and susceptibilities, and explores one of the most prominent vulnerabilities today—cyber risk in the electric power supply chain. It also explores the nature of supply chain cyber risk, delves into recent supply chain attacks and their impact on the power sector, and discusses challenges in addressing these risks.