In the energy sector, the stakes are high when it comes to cybersecurity. Unlike other fields where malware could cause havoc and delay services, attacks within the energy sector could potentially cut off electricity to millions of customers in the United States and around the world. Leo Simonovich, VP and Global Head of Industrial Cyber and Digital Security at Siemens Energy, is focused on ensuring that doesn’t happen. Simonovich is responsible for setting the business’ global strategy, with a focus on cybersecurity in the oil and gas and power sectors. Prior to joining Siemens in 2015, he led the cyber risk analytics practice area at Booz Allen Hamilton.
“Siemens is known as a 170-year-old engineering company,” Simonovich explains. “But we’ve become one of the largest industrial software companies. And by necessity, we’ve also become a security company.” Since Siemens assets were hit with Stuxnet in 2010, it’s been on a journey to secure its system and 400-plus factories around the world. “Ultimately, we took that knowledge to our customers. Today, we are recognized as a leader in industrial cybersecurity.”
Simonovich has created a global team of professionals who have a variety of perspectives, skill sets and backgrounds, including data scientists, artificial intelligence (AI) experts and individuals with mechanical and control systems backgrounds. “We need professionals that not only understand networks, but who also understand access control,” says Simonovich. This diverse team of experts is necessary to tackle one of the main challenges with securing the energy sector: it is an old and outdated system that wasn’t designed with the type of security required to combat vulnerabilities that live in today’s digital environment.
“Attacks on power plants, refineries and substations have led to a real confidence gap among the leaders that operate that machinery and energy assets. They don’t know how vulnerable they are,” says Simonovich. “They don’t know how to address the problem because of the complexity of the challenge. The readiness gap between energy companies and attackers is growing.” In this new, digital energy ecosystem, “the physical and the digital worlds are interconnected,” he says. “You have to understand both worlds and have to look at them together to detect anomalies. The challenge is that the physical world data and digital data were never meant to be looked at together.”
As of press time, Siemens Energy has just launched a new AI-based cybersecurity service solution, Monitoring Detection and Response (MDR), powered by Eos.ii, to protect energy assets in a growing digital ecosystem. The service is tailored to providing resources to small and medium-size energy companies to help protect them from cyberattacks. The goal is that all industrial operators can access the technologies, tools and expertise required to secure the electric grid, oil and gas assets and critical infrastructure from rising threats.
At its most basic level, Siemens Energy’s MDR service addresses a challenge that utilities and energy companies will continue to face as their assets become increasingly connected, and thus, more vulnerable to cyberattacks. Companies across the world are incapable of defending against what they can’t see. “Visibility ensures that cybersecurity teams can see what’s happening across every digitally connected node; and context provides cybersecurity professionals with an understanding of normal operating environments so we can better detect anomalies. We address visibility differently,” says Simonovich.
Earlier this year, the New York Power Authority (NYPA) and Siemens Energy announced a collaboration to develop an industrial cybersecurity Center of Excellence. The Center will focus on detecting and defending against cyberattacks on critical infrastructure owned and operated by NYPA. “Part of the collaboration includes workforce development to train industrial cyber professionals, which is lacking in the U.S.,” Simonovich explains. “Industrial cybersecurity requires a unique blend of skills in the clinical world and the digital world so we need to find and train a new pipeline of individuals. That’s very hard to learn in a classroom environment. You need to do it on the job when you’re working with real-world assets.”
Siemens, as a company, has been on the leading edge of the industry’s evolving view of cybersecurity. A good example is the Charter of Trust – which was signed in 2018 at the Munich Security Conference – where Siemens partnered with insurance companies, technology providers and utilities to create a collective effort to address industrial cybersecurity and to build the foundation of trust for an increasingly digital world.
“It is my responsibility to carry out this vision for Siemens Energy and change how customers think about security,” Simonovich says. “Ultimately, we want to put security at the core of our customers’ business model. And the premise is very simple.”
The work that Simonovich has done to date at Siemens has been supported by the C-suite. He sees that support as key to Siemens Energy’s customers being cybersecure today, and in the future. “Leadership begins at the top,” he says. “It’s important that Boards, CEOs and CIOs recognize that operational technology is a core risk that needs to be tackled.”
In his free time, Simonovich spends time with his wife and three young boys, enjoying outdoor activities and volunteering in his community.