The Internet of Things (IoT) opens the gate for endless opportunities in the energy sector. Unfortunately, such diverse opportunities can arouse another type of energy: the malicious one. The threat of unanticipated security breaches is not only about loss of income or reduced customer satisfaction, but finally about consumer privacy and ultimately about electricity network stability.

Cyber security is widely discussed in the energy sector, but until now it has been rather unclear in many energy utilities how to start developing it in concrete business terms. This summer, two announcements in the EU provide guidance from the regulatory side and support in defining the direction of the next steps. For the daily management of information security, industry standards provide a practical framework.

The attack that switched off the lights in Ukraine at the end of 2015 pushed energy sector cyber security into the spotlight. In the everyday routine of utilities, attacks have been common for a long time, but today hackers are getting more systematic and professional.

In the latest release of its end-to-end smart grid platform Gridstream, Landis+Gyr has made communication security a key priority for the data exchange between interoperable smart meters and head end system (HES) via power-line communications (PLC).

According to Berg Insight, the rate of smart meter penetration in Europe reached 22% at the end of 2013 and is expected to increase to 60% by the end of 2019, resulting in 170.1 million installed units. Now that utilities are looking to replace their entire meter parks with intelligent devices, open international standards and interoperability are becoming more important.

To ensure continuous energy supply, utilities must protect their energy management assets, comply with regulations and maintain customer trust. The consequence of not doing so is an increased risk of paying penalties and suffering damage from losing customers, revenue and reputation.