Cybersecurity – Protecting what we value

What comes to mind when you think of cybersecurity? Hackers and firewalls? It's about much more. It's about protecting valuable assets, securing the operation of critical infrastructure, and protecting sensitive data and intellectual property. At Siemens Energy, a large number of top experts work day-to-day to ensure such security and make the difference.
Why cybersecurity?

A topic that’s growing in importance

Malicious hacker attacks on companies, industrial plants and infrastructure facilities are unfortunately commonplace these days. With the growing level of digitalization and expanding Industrial Internet of Things (IIOT), risks of hacking attacks are increasing not only on a company’s IT but especially on its operational technology (OT).

Six key global trends making cybersecurity a top priority

How 'defence in depth' can repel energy sector cyberattacks

Industrial cybersecurity is crucial to keep the lights on. Power plants and grid operators must be aware of the risks they face and the security concepts necessary to protect our energy infrastructure. With the ever-changing threat landscape, adapting to new technologies and sophisticated attacks is a constant challenge. Security by design is essential to reduce the attack surface from the start.

“In an increasingly digital world, Cybersecurity is both a necessity and an opportunity. We at Siemens Energy have the chance to lead the way as a thought leader, market shaper and key enabler. With a strong focus and close cross-business collaboration we are fully integrating cybersecurity into our company strategy.” 
Vinod Philip, Member of the Executive Board of Siemens Energy
What we do

Taking the right measures

Businesses today face cyberattacks on a number of fronts. In so-called ransomware attacks, for example, attackers seek to lock companies out of their own IT systems so they can extort substantial ransom sums. Other criminal groups attempt to sabotage energy supplies by attacking power plants or electricity grids.

The damage to companies and national economies can be immense. According to researchers, the average cost of a ransomware attack is $4.54 Million. And by 2031, a new ransomware attack is projected to occur every two seconds and cost its victims $265 billion annually.

 

But if the right measures are taken, there can be effective protection against such attacks. Siemens Energy is a leader in the field of industrial cybersecurity, backed by comprehensive expertise and many years of experience. We have developed highly effective concepts and approaches to help our customers secure themselves against any type of cyberattack.

Applying a holistic security concept

Cybersecurity must be viewed as a whole. At Siemens Energy, our job is to ensure the security of entire value chains and system lifecycles. We are exposed to and must neutralize an increasing number of security risks. Similarly, our customers have to deal with security risks, and they don’t want to have these risks increased by the use of our products, solutions, and services.

 

Providing secure products, solutions, and services for our customers not only requires secure development, engineering and operation from our side. Just as important is ensuring the security of the associated Siemens Energy infrastructure, premises and people. We ensure that all relevant components and processes are seamlessly integrated into a well-fortified overall system to ensure fully protected operation.

Industrial cybersecurity

Our Product and Solution Security (PSS) initiative enables our customers to securely operate and maintain their facilities. As an integrator and contractor, we provide state-of-the-art cybersecurity solutions including secure products that meet all legal requirements. To address risks, challenges and opportunities, Siemens Energy maintains a management system for PSS and controls risks in a systematic way.

 

Relying on proven mechanisms, we ensure the integrity of our portfolio by leveraging secure-by-design and defense-in-depth concepts. Our products and processes are based on international security standards such as IEC 62443. We ensure our technology leadership by continuously enhancing our products, systems, solutions, and services with state-of-the-art cybersecurity features.

Active cyber risk management

The integrated Cybersecurity Risk Management Framework at Siemens Energy aims at safeguarding all relevant company assets against cyber threats by managing associated risks. We combine information from various sources to actively monitor, communicate and mitigate critical cyber risks in close collaboration with our colleagues from within the business.

 

Our Cybersecurity Risk Management Framework is based on ISO 27005 and aligned with industry best practices. By constantly evolving our tools, methods, and processes, we support the achievement of corporate objectives, the protection of company assets and financial sustainability.

News and media

Cybersecurity news at Siemens Energy