Suits The C-Suite
By Carlo Kristle G. Dimarucut
Environmental, social and governance (ESG) considerations and digital transformation are critical issues that boards and management have to address, making it a natural decision to leverage solutions that address both. In line with this, large-scale digital transformation is driving the adoption of renewable energy in order to reduce the severity of global climate change risks — but such a transformation also introduces potentially heightened risks of cybercrime.
According to The Global Risks Report 2023-18th Edition from the World Economic Forum, environmental risks are the chief concern of surveyed professionals. Of the top 10 long-term global risks ordered by severity over a 10-year period, six were classified as environmental (failure to mitigate climate change, failure of climate-chain adaptation, natural disasters and extreme weather events, biodiversity loss and ecosystem collapse, natural resource crisis, and large-scale environmental damage incidents), and one as technological (widespread cybercrime and cyber security). However, these risks are not always distinct from one another, and organizations must find ways to align environmental and technological risks.
TRANSITIONING TO GREEN ENERGY
Renewable energy is considered a crucial solution to address the climate crisis, although two factors have hindered the adoption of renewable energy sources — cost and reliability or dependence on weather conditions. Currently, renewable energy is more stable and economical due to technological developments like smart grids, energy storage capacities, and artificial intelligence (AI).
According to the National Grid Group, an energy company operating in the UK and US working towards a clean energy future, green energy is created and sourced without damaging the environment. Conversely, renewable energy comes from sources that replenish themselves, such as the wind and sun. While the bulk of green energy sources are renewable, not all renewable energy sources are classified as green. For example, an energy source will not be considered green if carbon emissions are involved in the generation process.
Hastening the transition to green energy through digital transformation in renewable energy depends on disruptive technologies and innovations integrating different kinds of renewable energy into the bulk grid. The transition to green energy requires a two-way flow of power and information, which can be managed by the smart grid.
While the network topology of the smart grid has benefits like efficacious and stable power, they come with corresponding cyber considerations:
• Various energy resources with no clear cybersecurity focus and ownership
• Considerable interconnections with web-based or internet-facing platforms
• Data security and privacy
• Consumer data collection, processing, and analysis
• Threat expansion with cyber attacks
• Large digital landscape or increased attack surface
CYBERSECURITY CHALLENGES
To minimize the impact of the six significant global environmental risks stipulated by the World Economic Forum, organizations should invest in renewable energy powered by large-scale digital transformation. At the same time, organizations should consider that this transformation could lead to many vulnerabilities and risks enabled by prolific cybercrime and cybersecurity. Thus, it is vital to identify and address these threats proactively.
It can be challenging to build cyber resilience because digital infrastructure and systems may be antiquated in the face of ever-evolving cyber threats. The Internet of Things (IoT), the bridge between the physical and digital world, also increases vulnerabilities exponentially. To realize the benefits of green energy, large-scale digital transformation should be enabled by a resilience strategy, governance framework, and robust cybersecurity technologies.
The EY Trust by Design methodology is an extensive approach to cybersecurity that can help organizations create secure digital environments, safeguard sensitive data, and foster consumer and stakeholder trust. Moreover, the methodology inculcates a risk optimization mindset and integrates trust into services and products from their inception.
Overcoming cybersecurity challenges:
• Governance and oversight are crucial for organizations to prevent cybersecurity incidents, manage risks, and support business objectives.
• Asset visibility is requisite for a clear understanding of all organizational assets, including a comprehensive inventory.
• Reliable technology is vital to creating secure systems that can safeguard data, applications, and infrastructure from cyber threats.
• Trusted components and periodic assessments are essential for identifying security vulnerabilities and prioritizing technological remediation efforts governed by business impact and risk appetite.
• Supply chain and third-party risk management help maintain organizational security and resilience in the face of constantly evolving cyber threats.
• AI-based monitoring and detection can distinguish between operational and cyber events, helping businesses determine the root cause of the incident with minimal human effort.
• Incident response plans allow organizations to promptly recognize and respond to security threats, thus minimizing the impact.
GREEN ENERGY IN THE PHILIPPINES
Developing and optimizing the country’s renewable energy sources underscores the Philippine sustainable energy agenda. As part of Republic Act 9513, the National Renewable Energy Program (NREP) seeks to drive energy security and improve access to clean energy. In line with this, the NREP aims to expand the country’s renewable energy-based capacity to 15,304 megawatts by 2030.
In 2018, the Green Energy Option program was introduced as a way for consumers to purchase electricity from renewable energy facilities. By 2021, the Energy Regulatory Commission promulgated rules to govern the program, setting technical and interconnection standards and fees for the facilities supplying renewable energy. According to Reuters, the Philippines currently ranks second in Southeast Asia in combined solar and wind power generation. By 2030, it will have added 17,809 MW of solar capacity and 7,856 MW of wind power to emerge as the top green power producer in the region.
THE WAY FORWARD
While technological developments have made renewable energy and green energy more accessible and economical, they also increase vulnerability to cyber risks and threats. With the acceleration of digitalization, companies should build cyber resilience in key areas for business continuity.
Digital transformation, enabled by disruptive technologies and innovations, has led to an increased adoption of renewable energy resources. Investing in green energy is a big step to reducing the gravity of global environmental risks. However, effective board governance will be imperative for organizations to mitigate the corresponding cybercrime and cybersecurity incidents and threats.
Organizations should focus on creating cyber resilience strategies and governance frameworks to foster a risk-aware culture. Creating a comprehensive methodology is critical to achieving business objectives related to reliability, cybersecurity, and environmental sustainability.
This article is for general information only and is not a substitute for professional advice where the facts and circumstances warrant. The views and opinions expressed above are those of the author and do not necessarily represent the views of SGV & Co.
Carlo Kristle G. Dimarucut is a technology consulting partner of SGV & Co.