Inconsistent cybersecurity practices in organisations pose a threat to the energy sector. A new handbook from the University of Vaasa offers a structured, user-friendly resource to enhance cybersecurity resilience in the energy sector.
– As digitalisation accelerates, the energy sector faces more and more exposure to cyber threats, making human factors a critical point of intervention. By offering a structured and accessible resource, we aim to support a more resilient and sustainable energy landscape, says Petra Berg, one of the authors.
The handbook combines the expertise of researchers from the University of Vaasa, Petra Berg, Bahaa Eltahawy, Mazaher Karimi, Linda Turtola and Mansi Negi. It is one of the achievements of the REDISET - Resilient Digital Sustainable Energy Transition project, a collaborative project investigating digital energy security and resilience in future energy systems in the Nordics. Even though the focus is in the Nordics, the findings of the books are applicable to similar energy systems elsewhere.
According to the authors, a major challenge in cybersecurity resilience is the variation in organisational cybersecurity culture, skill levels, and training, leading to inconsistent security practices. Over-reliance on regulations and resistance to complex security protocols further expose critical systems to threats.
One of the handbook's key contributions is its emphasis on socio-cyber-physical risk management. It encourages organisations to move beyond compliance-driven approaches and adopt proactive, user-friendly strategies that integrate human behaviour into cybersecurity planning. By focusing on education, awareness, cooperation, and strategic investments, alongside the adoption of regulatory frameworks, the energy sector can significantly improve its cyber resilience.
The newly published handbook provides a comprehensive toolkit for policymakers, energy companies, and cybersecurity professionals. It compiles scattered information to offer a concise, user-friendly manual that presents cybersecurity guidelines in an accessible and engaging format. It helps to understand the roles and needs of different actors in the modern electricity-based digital energy systems, and gives suggestions on how to reduce threats involved. It also offers a detailed, practical checklist for assessing cybersecurity awareness and practices within organisations.
The manual is funded by Business Finland, NordGrid Energy Research, and Swedish Energy Agency.
The book is freely available online .
