Hacked energy infrastructure, once compromised, could potentially cripple everything, and companies need to “wake up” and secure their systems to help keep the lights on, experts said at a recent energy conference.

Kelly Bissell, corporate vice president of Microsoft Security, raised concerns about how essential – and vulnerable – the energy industry is, which makes it a striking target for cyberattacks, he said during a March 19 cybersecurity session at CERAWeek by S&P Global,

“If I look out across all the industries around the world, I think the energy industry is different because if the energy industry is compromised, you can't do anything else. You can't ship product, you can't fuel trucks, you can't produce food, you can't do anything else,” he said.

In fact, he’s “never been more concerned about geopolitics” and worries about the potential for critical infrastructure to be used as a weapon. 

“I've never been so concerned, and I do hope that the market wakes up and takes this seriously around securing OT (operational technology),” Bissell said. “Again, if you don't secure the electric, I would say the electric energy as a whole, including water, nothing else works.”

The problem is complex, and it’s difficult for humans to sort through the trillions of signals flowing through networks, he said. 

The industry needs a partner: AI.

“We need AI to help augment that, to be able to see anomalies in the signal so that we can actually protect the grid or the other network,” he said.

Beyond the complexity, he said, there’s another compelling reason for the industry to use AI in its cyber defenses: attackers are going to attack.

“If we don't adopt this quickly, then we're going to be in more trouble than we are right now, or more at risk than we are right now,” he said. 

İhsan Erbil Bayçöl, CEO of Turkish power generation company Enerjisa Üretim, said AI can help establish a baseline for operations – a needed step in comparisons and spotting anomalies.

He urged companies not to dismiss cyberthreats.

“It's like we all know that at a certain day we'll die, but we always opt to forget about it. On a certain day, it'll happen,” he said. “So the cybersecurity element as well, many organizations opt to say that it's going to happen to another organization, not to my organization,” he said.

Given the need for energy industry companies to keep their systems secure, Bissell suggests they approach cybersecurity in a fashion similar to R&D.

“Security is not a one and done thing. You do it, and you evolve it, and you tailor it, and you tune it and so forth,” he said.

Early adoption of AI technology in the OT environment has helped companies identify assets and detect anomalous behaviors and potential threats, he said. Threat intelligence has enabled companies to learn from others that have had problems.

“You're able to use that threat intelligence all over the world, trillions and trillions of signals, to be able to say, ‘Wait a minute, someone over here in this area, one of my peers had a problem, how do I learn from it and inoculate our environment, apply it to me?’ So you're not lost in the noise, but you get to the signal so that you can apply actions,” Bissell said.

AI can be a helper by calling out problems as well as providing suggestions to solve problems and secure environments, he said.

However, AI still needs supervision, so it’s important to be thoughtful about how the software is deployed.

“I love the adage of trust but verify,” Bissell said.

AI should be the copilot, not the pilot, he added.

“I think that's the right pragmatic approach for adopting AI,” he said.