Embed Size (px)
Citation preview
TOWARD A MORE
DIGITAL, DISTRIBUTED
AND RESILIENT GRID
2Copyright © 2017 Accenture All rights reserved.
DIGITALLY ENABLED GRIDRESEARCH PROGRAM
FOUR
YEARS of actionable insights
and recommendations
around the challenges
and opportunities
utilities face along the
path to a smarter grid.
+300 utility executives
surveyed over the
past four years.
+20 countries surveyed.
FOURscenario-based models
looking into the impact
of distributed energy
resources, energy
efficiency and storage
on the grid.
SHAPENew Revenues
EMBRACEDistributed
Generation
FRAMERegulation
RENEWOperating
Model
ACCELERATEIT/OT
Integration
SIX IMPERATIVESFOR THE UTILITY DISTRIBUTION BUSINESS
WATCH Cybersecurity
3Copyright © 2017 Accenture All rights reserved.
THE DIGITALLY ENABLED GRID
DIGITALLY ENABLED GRID2017 EXECUTIVE SURVEY CYBERSECURITY
To what extent do the following effects of cybersecurity attacks concern you?
INTERRUPTION TO SUPPLY IS THE GREATEST CONCERN FROM CYBERSECURITY ATTACKS
5 Base: All respondents.
Source: Accenture’s Digitally Enabled Grid program, 2017 executive survey.
To a great extent
CYBER CRIMINALS ARE WIDELY SEEN AS A MAJOR RISK, BUT ATTACK BY GOVERNMENTS IS CONSIDERED A LARGER RISK IN NORTH AMERICATo what extent would you consider your distribution business to be at risk of becoming
a target for the following types of attacker?
NORTH
AMERICA
ASIA
PACIFIC
EUROPE*
31%
19% 19%13% 16%
13%
18%32%
14%7%
18%
7%
33%
17% 21% 21%8%
13%
Hacktivists: publicizing
social, religious or political
messages
Malicious internal
attackers
Hackers who infiltrate
systems to gain notoriety
Non-malicious:
human operator or
machine error
Governments or
their agents
Cyber criminals:
dominantly driven by
profits
Base: All respondents; *due to limited European sample (n=25), results for this region are to be interpreted with caution and within context.
Source: Accenture’s Digitally Enabled Grid program, 2017 executive survey.
3
To a great extent
RISK GROWTH IS EXPECTED TO BE SIGNIFICANTLY HIGHER FROM EXTERNAL ATTACKERS COMPARED TO INTERNAL ONESTo what extent would you consider your distribution business to be at risk of becoming a
target for the following types of attacker?
From your perspective, which cybersecurity-related risk has grown most in the past year?
Base: All respondents.
Source: Accenture’s Digitally Enabled Grid program, 2017 executive survey.
4
Governments or their
agents:
nation-state directed
or inspired attacks,
including own-
government (cyber
espionage)
Cyber criminals:
organized groups of
hackers that carry out
criminal acts for profit
Hackers who
infiltrate systems to
gain notoriety among
their social group,
potentially by
defacing websites or
releasing viruses
Hacktivists:
attack systems to
publicize social,
religious or political
messages
Non-malicious
(human operator or
machine error)
Malicious internal
attackers:
disgruntled/compromised
employees, contractors,
service providers,
partners
Risk growth
To a great extent
NORTH AMERICAN EXECUTIVES SEE PARTICULAR GROWTH IN THE RISK FROM GOVERNMENT-RELATED ATTACKS
5 Base: All North America respondents.
Source: Accenture’s Digitally Enabled Grid program, 2017 executive survey.
To what extent would you consider your distribution business to be at risk of becoming a
target for the following types of attacker?
From your perspective, which cybersecurity-related risk has grown most in the past year?
Risk growth
To a great extent
Governments or their
agents:
nation-state directed
or inspired attacks,
including own-
government (cyber
espionage)
Cyber criminals:
organized groups of
hackers that carry out
criminal acts for profit
Hackers who
infiltrate systems to
gain notoriety among
their social group,
potentially by
defacing websites or
releasing viruses
Hacktivists:
attack systems to
publicize social,
religious or political
messages
Non-malicious
(human operator or
machine error)
Malicious internal
attackers:
disgruntled/compromised
employees, contractors,
service providers,
partners
THE “INTERNET OF THINGS” IS WIDELY SEEN AS A POTENTIAL THREAT TO ELECTRICITY NETWORKSDo you consider the “Internet of Things” to be a potential threat to
distribution company cybersecurity?Yes, to a very great extent
Yes, to some extent
8Base: All respondents; *due to limited European sample (n=25), results for this region are
to be interpreted with caution and within context.
Source: Accenture’s Digitally Enabled Grid program, 2017 executive survey.
MORE THAN HALF OF UTILITIES BELIEVE THEIR COUNTRY IS LIKELY TO FACE INTERUPTION OF POWER SUPPLY FROM CYBER ATTACKS WITHIN FIVE YEARSWhat do you think is the likelihood that a distribution company in your country will have a
cyber attack, resulting in an interruption to the electricity supply, in the next five years?Significant likelihood (>20%)
Moderate likelihood (1-10%)
9Base: All respondents; *due to limited European sample (n=25), results for this region are
to be interpreted with caution and within context.
Source: Accenture’s Digitally Enabled Grid program, 2017 executive survey.
DESPITE THE ANTICIPATED LIKELIHOOD OF ATTACK, MOST UTILITIES HAVE ROOM TO IMPROVE THEIR RESTORATION READINESS
10
If you faced a cyber attack which caused service interruption, how well
prepared would you be to restore normal network operation?
Very poorly prepared—very limited focus on cyber-attack specific restoration to date
Poorly prepared
Moderately prepared
Well prepared
Extremely well prepared—processes, training and simulations in place
Base: All respondents; *due to limited European sample (n=25), results for this region are
to be interpreted with caution and within context.
Source: Accenture’s Digitally Enabled Grid program, 2017 executive survey.
MOST UTILITIES FEEL THEY DO NOT YET HAVE A STRONG RESPONSE TO CYBER ATTACKSBusiness exposure, cyber resilience and response readiness (% of organizations
at or near the highest level of performance for these cybersecurity capabilities).
11 Base: All utility respondents.
Source: High performance security research, Accenture 2016.
ONE IN THREE UTILITIES SEE IMPROVED THREAT IDENTIFICATION AND SHARING ACROSS THE INDUSTRY AS HAVING THE GREATEST POTENTIAL IMPACT ON THEIR CYBERSECURITY CAPABILITYWhat single action would make the greatest impact on your cybersecurity capability?
12 Base: All respondents.
Source: Accenture’s Digitally Enabled Grid program, 2017 executive survey.
FULL INTEGRATION OF CYBERSECURITY INTO BROADER RISK MANAGEMENT PROCESSES IS NOT A REALITY YET FOR ALL DISTRIBUTION BUSINESSES
To what extent is cyber-security integrated into your broader risk management processes?
58%38%
4% Cyber-security risks are fully integrated into broader risk management processes
Cyber-security risks are only partially integrated into broader risk management processes
Cyber-security risks are not integrated into broader risk management processes
Q21
13 Base: All respondents.
Source: Accenture’s Digitally Enabled Grid program, 2017 executive survey.
MOST DEPEND ON THEIR INTERNAL CYBERSECURITY GROUP FOR GUIDANCE WHEN DEVELOPING SECURITY STRATEGIES Who do you rely on the MOST for guidance and/or direction when
developing your security strategy?
14
Government
The cybersecurity industry
Utilities industry cybersecurity groups
Technology and software providers
Internal cybersecurity group
Base: All respondents; *due to limited European sample (n=25), results for this region are
to be interpreted with caution and within context.
Source: Accenture’s Digitally Enabled Grid program, 2017 executive survey.
THE UTILITY CIO HAS PRIMARY ACCOUNTABILITY FOR CYBERSECURITY: RIGHT OR WRONG?
Europe*
1615Base: All respondents; *due to limited European sample (n=25), results for this region are
to be interpreted with caution and within context.
Source: Accenture’s Digitally Enabled Grid program, 2017 executive survey.
Chief Digital Officer
Chief Security Officer
Chief Marketing Officer
Shared across multiple officers
Chief Information Officer
Chief Operating Officer
Other
Chief Data Officer
Who on your board has accountability/responsibility for cybersecurity?
