Authors of this article include Janet Rieksts Alderman, Partner, Risk Services and Co-Chair, Board Leadership Center, KPMG in Canada; Vikas Gaba, Partner and National Head, Power and Utilities, KPMG in India; Ronald Heil, Global Cyber Security Leader, Energy and Natural Resources, KPMG International and Partner, KPMG in the Netherlands; Ramit Malhotra, Director, KPMG in India
Power systems today face the risk from an array of threats such as natural disasters, technological threats, human-induced events and, most recently, health emergencies. These threats pose significant risks to the reliability, safety, and resilience of power utilities, potentially leading to widespread blackouts, economic disruptions, and compromised public safety. Worldwide, the average cost of a data breach hit a new record high in 2022, costing US$4.72 million in the energy sector1. Fortunately, there are ways in which chief information security officers at power and utilities can develop greater resilience both for the organization and everyone who depends on them. And while threats have arguably become more numerous and sophisticated, so too have the strategies to tackle them. KPMG professionals have identified some of the most rapidly increasing — and harmful — threats to utilities and developed a practical framework for helping to prepare for, combat and overcome them.