Working with EPCs — End-to-End Renewable Energy Engineering Learn More
Cybersecurity and the energy grid
In February 2025, the Energy Institute, an international professional organization for engineers and other professionals in energy-related fields, published an important article on cybersecurity and renewable energy resources.
The article reports that:
Increasing digitalization of energy systems, the growing use of AI, and the inherent cyber vulnerabilities of BESS and other clean energy sources pose significant risks to the stability of power grids and the safety of physical assets. Renewable energy infrastructure is integrated with broader energy management systems, making it particularly susceptible to cyber intrusions. The attack surfaces include both the operational technologies (OT) that control physical processes and the information technologies (IT) that manage data and communication.
An overview of the security challenges
The integration of the operating technologies with IT systems creates numerous entry points for potential cyberattacks. Many renewable energy technologies were not designed with cybersecurity in mind and lack even basic protections. In addition, the energy grid’s technology often has security limitations that prevent regular updates, and the life cycles of their components are generally longer than those in the IT environment.
Another challenge is that the OT in renewable energy infrastructure readily allows remote access and connections to business networks, which have their own cyber vulnerabilities.
Boosting cybersecurity for clean energy resources
The federal government has taken significant steps to secure the energy grid from cyber threat
- The Federal Energy Regulatory Commission (FERC), the US agency that regulates the interstate transmission of electricity, has approved mandatory grid cybersecurity standards.
- In February of this year, the National Institute of Standards and Technology (NIST) issued a cybersecurity framework 2.0 that provides comprehensive guidelines to help organizations of all sizes and sectors—industry, government, academia, and nonprofit—manage and reduce their cybersecurity risks.
- The North American Electric Reliability Corporation (NERC), a non-profit energy organization based in Washington, D.C, has developed Critical Infrastructure Protection (CIP) guidelines on how configuration changes should be managed in renewable energy infrastructure and how to conduct vulnerability assessments.
- Sandia National Laboratories, one of three research and development laboratories of the United States Department of Energy’s National Nuclear Security Administration, has developed a method for detecting false data injection attacks (FDIAs) using battery models and an extended Kalman filter to estimate measurements. The Sandia approach has already been shown to deliver a vulnerability detection rate of over 99%.
A commitment to cybersecurity protocols
A leading provider of renewable energy engineering services, Blymyer is monitoring these critical steps closely. “As the operational technologies used to manage renewable energy infrastructure continue to evolve, the need to understand the impact on security threats is essential,” says Chris Gleason, Blymyer, Director of Utility Scale Projects. “The policies that government agencies have put into place are important first steps, but these will need to be continually updated as AI and other emerging technologies play an increasing role in the clean energy landscape.”
About the Energy Institute (EI)
Headquartered at the Colorado State University Powerhouse Energy Campus in Fort Collins, Colorado and with offices in the U.K,, EI was formed in 2003 by the merger of the Institute of Petroleum and the Institute of Energy. It has an international membership of about 20,000 people and 200 companies worldwide. The stated purpose of the organization is to create a better energy future for its members and society at large by accelerating a just global energy transition to net zero by:
- Attracting, developing, and equipping the diverse future energy workforce.
- Informing energy decision-making through convening expertise and advice.
- Enabling industry and consumers to make energy safer and more efficient.
Today the EI is home to a range of collaborative initiatives, including the G+ Global Offshore Wind Health and Safety Organization, SafetyOn, and POWERful Women. The organization hosts the annual International Energy Week and Awards and publishes the annual Statistical Review of World Energy, Energy Barometer and weekly digital New Energy World magazine.