2 weeks Ago By N/A (Myrna M. Velasco)
Across decades, the operations of power facilities – from generation to distribution and even transmission assets – had traditionally leaned on just physical security and operational efficiencies, but with massive scale innovation happening in the energy sector, insidious threats are now also posed by cyberattacks. The Department of Energy (DOE) will integrate cybersecurity in the planned modification of policy frameworks that shall underpin resiliency assessment and rating system for various power facilities in the country. Energy Undersecretary Felix William Fuentebella indicated that the energy resiliency scorecard (ERS) that they have been working on with the United States Agency for International Development (USAID) has incorporated cybersecurity as one of the pillars to be measured when it comes to the resiliency of power infrastructure against threats and vulnerabilities - be it with extreme weather events and other climate change risks or even external assault on their equipment and digital tools.
“We have to improve the policy regularly for TFER (Task Force on Energy Resiliency), that’s from 2018 and then 2022; then we’re targeting coming out with an update which will include now cybersecurity,” he stressed. Across decades, the operations of power facilities – from generation to distribution and even transmission assets – had traditionally leaned on just physical security and operational efficiencies, but with massive scale innovation happening in the energy sector, insidious threats are now also posed by cyberattacks. Essentially, more and more energy companies are now injecting capital for smart grids, internet of things (IoT) devices, automated control systems and even artificial intelligence (AI) applications -- and these innovations have been exposing power facilities to higher degree of attacks that may be orchestrated by obstructive cyber adversaries.
Thus, on the domain of ensuring resiliency for power infrastructure, the conventional metrics of securing power facilities from physical assaults, sabotage and even wallop from natural disasters will no longer be enough. Fuentebella emphasized that the scorecard drawn for power generators and distribution utilities, in particular, “will guide policymakers and also the management of the facilities on what specific investments for their infrastructure resiliency must be done.” From the ratings these generation companies (GenCos) and distribution utilities (DUs) would achieve from the ERS, he noted that a consensus must be established how they will strengthen their assets as anchored on science-based and numbers-backed assessments on these power facilities.
The DOE recently announced that the ERS initiative targets to “strengthen energy systems and climate resilience across the sector by providing a standardized benchmark for measuring energy resilience. “ Apart from cybersecurity, the other critical pillars to be evaluated in the ERS would similarly cover: infrastructure strengthening, systems, disaster risk financing and insurance, stockpiling, response and rehabilitation. The energy department added that the scorecard system shall also be benchmarked with international resilience standards.
The pilot tests have been done so far across nine (9) distribution utilities, generation and transmission facilities in Leyte; and was later on expanded to power facilities in Regions 1, and 2 and 3 as well as the Cordillera Administrative Region..
