President Biden met with energy executives to discuss his administration’s cybersecurity initiatives and ongoing threats facing critical infrastructure in the U.S. Attention on cybersecurity in the energy sector has been heightened by attacks against SolarWinds and the Colonial Pipeline. In an executive order signed on May 12, Biden called on the private sector to lead on advances in information technology (IT) and operational technology (OT), arguing government regulation isn’t enough to thwart the attempts of bad actors. Ian Bramson, the global head of industrial cybersecurity at ABS Group, and a risk management adviser to the energy sector, said renewable energy providers, developers, and asset owners face an increased risk of attacks because of gaps in cybersecurity plans.

“There’s a lot more new technology in renewables than in many of the other sectors. Well, attackers feed off technology,” Bramson told Renewable Energy World in an interview. “When things are growing rapidly, it’s very hard to manage the cybersecurity risk.” Most organizations have IT nailed down, Bramson said, but are severely lacking in OT protections. “The OT side, there’s a giant lag behind the IT side,” he said. “Most companies on the OT side can’t answer my first question: do you know what assets you need to protect?” […]