How many cyber-attack avenues lead directly to your customers’ homes?
The rollout of smart electricity meters promises more insight than ever before. But how should the risks be addressed to maintain consumer trust?
In 2009, an EU directive came into force, mandating utilities providers to replace existing residential electricity meters with new smart meters by 2020. This presented a big challenge for utilities due to the nature and complexity of new smart metering systems and supporting infrastructure.
One such organization is a client of EY, a state-owned utilities company in Europe. The sheer scale of the challenge was enormous: the client needed to deploy over 2 million smart meters and supporting data and communications systems using a range of service providers, making it one of the largest and most complex digital transformation programs the country had ever undertaken.
Smart meters promise all kinds of benefits for the electricity company, the customer and the environment – new data can enable new business models and greater awareness of consumption. But smart meters also generate vast amounts of personally identifiable data, which can potentially be used in fraudulent ways to target the customer.
The electricity company had to ask itself how would it design and build robust governance and cybersecurity frameworks to protect its customers’ data getting into the hands of the wrong people, especially as this is subject to GDPR regulation? And now that large parts of the country’s energy value chain would be digitalized, the company also had to consider, how would it also protect the electricity grid from cyber-attacks, and maintain a continuous supply of electricity to the critical infrastructure?