Cyber security will be one of the keywords of global energy leaders gathering in Milan next week for the World Energy Week. About a year after Wanna Cry attacks, when major organisations in about 150 countries were blackmailed around a massive data breach, the energy industry is investing something like 2 billion dollars to improve security and data protection.

Utilities and energy providers are particularly attractive for cyber criminals, being power, gas and water vital resources for any human and business activity. Italian energy company Enel has publicly stated that every day it faces about 2,8 million malware and phishing messages, 1 thousand viruses and 500 website attacks.

If threats for energy organisations are very sharp, the emergency is almost ubiquitous. According to Accenture’s latest report about cyber resilience, 22% of companies doubled its security budget over the last three years, and more than 30% will do the same by the next triennium. North America accounts for about 64% of the global security spending, and Europe rose to 18% in the first quarter of 2018.

Technology and accurate software tools are the best way to enhance corporate defences, and early detection remains critical to allow a quick, effective response to cyber attacks. Thanks to advanced algorithms and machine learning systems, responsiveness is increasing: up to 2015-16, only 10% of data breaches could be detected within a week, while today it is possible to recognise about 55% of attacks within five days. Nevertheless, 71% of IT managers believes cyber crime to be unpredictable, and damages hard to be quantified.

Turning into a cyber-resilient business requires a strong integration of security technologies, business continuity processes and even IT service management. This is the road to walk to minimise the impact of possible attacks and allow the organisation to operate under attack. Cyber-resilient companies can leverage their secured business model to strengthen customer trust and grow with confidence versus internal and external stakeholders.