75% of the energy sector worldwide to digitize in two years: Kaspersky Research

Islamabad : According to the joint Kaspersky and VDC research report, ‘Powering Cyber Resilience in the Energy Sector’, less than 5% of energy organizations can be considered fully digital nowadays. Yet, in just two years, that number is projected to explode, with nearly three-quarters (75%) of organizations expecting to achieve full digitalization. This ‘digital big bang’ is reshaping generation, transmission and distribution, promising unprecedented gains in efficiency, reliability and sustainability.

However, the same connectivity that enables real-time grid optimization opens new doors for cybercriminals. The consequences are already being felt. The research reveals that more than half of energy organizations have experienced cyber incidents costing over $1 million. This is not merely a data breach; it is a direct threat to operational continuity and the stability of the power grid. This highlights the escalating financial and operational risks confronting critical infrastructure. As the sector accelerates its digital transformation, securing the increasingly connected OT environments has become a strategic priority.

Energy organizations are leveraging advanced technologies to navigate market volatility, meet regulatory demands, and integrate new energy sources. The primary objectives, as identified in the report, are laser-focused on core business outcomes including improving production efficiency (29%), reducing operational or production costs (23%), strengthening cyber resilience (23%).To achieve these goals, energy companies are deploying advanced technologies such as AI-driven analytics, digital twins and predictive maintenance tools to optimize supply and demand, anticipate equipment failures and reduce unplanned outages.

Automated drones and robotics further enhance inspection safety and efficiency across transmission and generation sites, helping operators improve reliability metrics like SAIDI and SAIFI while enabling dynamic grid management and smoother integration of distributed energy resources.

While commenting on the rapid digitization of Pakistan’s energy sector, a leading energy expert and Director at Islamabad Electric Supply Company (IESCO), Asim Nazir Raja, noted that the sector is undergoing a rapid and much-needed transformation, with digitalization at its core. The rollout of Advanced Metering Infrastructure (AMI), integration of mobile applications, and other structural reforms are significantly improving transparency, operational efficiency, and customer experience. These innovations are not only empowering but are also strengthening the overall resilience and responsiveness of the power system. However, as the sector accelerates towards a more connected and data-driven ecosystem, it is equally critical to prioritize cybersecurity and safeguarding customer information and securing critical infrastructure. At IESCO, we are continuously investing to strengthen our cyber resilience to address evolving threats.

Securing the energy sector’s digital transformation is as much a human challenge as a technological one. According to Kaspersky, over 45% of organizations cite a shortage of specialized industrial cybersecurity talent as their top obstacle.

At the same time, a persistent divide between IT and operations complicates governance. Nearly three-quarters of organizations report that control system cybersecurity is led primarily by IT, with fewer than 10% indicating operational leadership – a fragmentation that can result in misaligned priorities and inconsistent protection strategies.

Neglecting OT cybersecurity in the energy sector goes far beyond financial loss. A successful attack can have immediate physical and systemic consequences, threatening grid reliability, public safety and national resilience.

To navigate this digital inflection point securely, energy leaders must adopt a fundamentally different approach to cybersecurity, one that prioritizes OT environments as the core of the business. It is no longer sufficient to apply IT-grade security to industrial control systems. Instead, the strategic response must rest on three essential pillars. Energy organizations need industrial-grade protection that enables real-time asset visibility and anomaly detection, similar to what is provided by the Kaspersky OT Cybersecurity Ecosystem.

At the core of this ecosystem is Kaspersky Industrial Cyber Security (KICS), a native Extended Detection and Response (XDR) platform designed for critical infrastructure protection. The convergence of IT, OT and IIoT demands unified visibility and control, as fragmented approaches with disparate tools create dangerous blind spots and Securing energy infrastructure demands partners who understand the sector’s unique operational technologies and regulatory requirements.