Five Predictions for the Energy Industry in 2024

Omny’s Director of Customer Success, Tommy Evensen, doesn’t mince words when he talks about the energy industry in 2024: everything is becoming more vulnerable. Here are some of his predictions for the coming year. 

We see a fraught geopolitical situation that shows no signs of abating in the coming year. And when you combine that with the ease of access to ready-made tools to exploit industrial facilities, the energy industry continues to be a major target – for both experienced and inexperienced threat actors,” says Evensen.

It’s certainly not the rosiest of pictures, but it’s one that the industry must come to grips with and prepare for, he adds. Because the more you know, the more you prepare, and the more you share with industry peers, the more resilient the industry will be. 

Here’s a look at Evensen’s 2024 predictions for the energy industry:

1.    Widespread backpedaling on globalization in the energy industry

Evensen calls it the slow death of globalization in energy. There’s a shift happening in nearly all markets, and most nations are aiming for greater energy independence. 

“Keeping energy in-country means that you are not dependent on the capabilities of other nations to protect you from attack or from disruptions to your energy supply. I believe that we’ll continue to see countries work to reduce their energy dependence as an attempt to stabilize their supply and reduce their risks and cyber-related vulnerabilities,” he says. 

2.    Rising wariness over what’s stored in the cloud

In line with the energy independence trend, Evensen points to the data sovereignty trend. This is also a move to reduce risk by keeping data stored within sovereign borders and/or a region (like the EU). 

“Once again, this is about maintaining control over the data and ensuring that it adheres to strict privacy and security regulations of the country to which it belongs – rather than ceding control of it to another country (where it’s stored) that may not share the same principles in terms of protecting it,” he says.

3.    A growing pool of script kiddies and hacktivists causing harm

Today, anyone can do a Google search and uncover a script that helps them carry out a cyber-attack, which has changed the definition of “hacker” as we know it. In addition to a swarm of script kiddies, the energy industry is increasingly victim to a new type of threat actor – the hacktivists, explains Evensen.

“A hacktivist is armed with a political message and aims to make a statement through a cyber-attack, such as bringing an oil and gas operation to a halt or causing financial harm,” he adds. “This forces us to re-think where the threats are coming from and to realize that it’s not always the most sophisticated threat actors who are causing the most damage.”

4.    Wallets open and more investment is directed to risk management

Preparedness unfortunately does not come free of charge. This has been made clear upon the release of the EU’s NIS2 directive, which requires industrial players to be better equipped for cyber-attack by investing more in their planning and defense preparation.

“Companies have been spending most of their cyber-security budgets on the IT side of the house, but it’s on the operational technology (OT) side that the revenue is generated. I foresee more investment in OT cyber risk management in 2024 – which will require operators to know their assets and understand what’s most important to protect,” Evensen says.

5.    We realize that sharing is truly caring in the world of cyber risk management

When an organization is the victim of a cyber-attack, there’s a lot that can be learned by industry peers. This learning can be the key to enabling others to prevent the same thing from happening to them. 

“We are seeing the rise of some sharing platforms that aim to serve as a global network of threat information, which is an important first step,” says Evensen. “Our best defense against cyber-attack is to work together, across the industry, to share our knowledge and cooperate closely – which is something that I foresee this the energy sector embracing in 2024.”

Now is the time to be proactive against potential cyber threats. Not sure where to begin? Perhaps we can help. Omny Advisory Services were designed with our customers needs in mind. Allow the Omny team of expert advisors guide your industrial cybersecurity journey.