Podcast

Who is responsible for cybersecurity at wind parks?

Mohamed Harrou, OT security engineer at energy supplier Amprion, explains the added value of OT security in wind farms and PV systems. With 12 years of experience in renewable energy systems, he provides practical insights into the technological and organizational challenges of modern wind parks and gives a surprising and rather unsettling answer to the question of responsibilities.

Duration:
25 min

Guest in this episode:

Mohamed Harou
OT Security Engineer Amprion Offshore

Listen to us also on:

Spotify ButtonApple Podcast Button

Transcript

Keywords

OT security, cybersecurity, renewable energy, wind park, PV systems, NIS2, critical infrastructure, compliance, energy sector, stakeholders  

Takeaways

  • OT security is becoming increasingly important in the field of renewable energy systems (RES).
  • The complexity of modern energy systems and organization has multiplied.
  • NIS2 means that all energy companies and service providers in the sector must review their compliance status.
  • Cybersecurity also improves the availability of EEAs and ensures efficient operations.
  • Cybersecurity is a matter of investment protection and risk management.
  • Responsibilities for cybersecurity at wind farms and PV parks are far from clear. Stakeholders need to proactively coordinate their efforts.

Pull Quotes

  • “The complexity of renewable energy systems has grown enormously. We now have many more devices, much more complex devices, and many more people involved. You have the direct marketer, you have the grid operator, you have environmental monitoring, and so on and so forth.”
  • “The energy sector is the mother of all critical infrastructures.”
  • “When you deal with IT security, you also get systems that run more reliably and securely. There are many things that are introduced through cybersecurity that also help operational processes.”
  • “A hacker has the ability to not only encrypt the SCADA system, rendering a wind farm inoperable. In theory, there is even a risk of physical damage to the wind turbines. How expensive can IT security be that you take this risk? And does your own insurance really pay for it?"

Chapter

00:00 Introduction to OT security in renewable energy sources (RES)  

03:01 The development of RES complexity from 2012 to today

06:09 NIS2 and the legal framework for EEA operators  

09:04 Understanding thresholds for critical infrastructure  

11:48 Penalties under NIS2 and the German IT Security Act (IT-SiG) 2.0

12:25 Network structure and stakeholders in RES  

18:15 Relevance of cybersecurity for reliable operation and efficient management of utilities

19:55 Who is responsible for cybersecurity in wind parks?

23:33 Risk management in RES

24:19 Closing remarks

Share on
Facebook Icon weissLikedIn Icon weissXing Icon

You might also be interested in these podcasts

Jun 3, 2025
27 min

What do we need to deter insider threats?

Mandana White, CEO of Smart Grid Forums, talks about the rise of insider threats to a company’s cybersecurity and what it has to do with the cost-of-living crisis as well as the Western Robin Hood mentality. Diving a bit into societal psychology and politics there might even be a bit to learn from – of all places – Dubai to get IT and OT cybersecurity working in both companies and society.

Listen now
May 22, 2025
19 min

How to build a SIEM SOC in OT?

Zeek Muratovic, Director of Security Operations at Landis+Gyr talks about the first steps to build a SIEM SOC in OT environments. Being a pragmatist, he proposes a step-by-step approach that prevents OT operators from overkilling their budget AND workload.

Listen now
May 6, 2025
25 min

How to implement Zero Trust in OT environments?

Zero Trust expert Stefan Sebastian talks us through the process of Zero Trust in critical OT networks like substations - and explains why this will be the make segmentation obsolete.

Listen now
Anne Grätz

Get in touch with us

Write or call us to discuss your requirements for OT cybersecurity and intrusion detection.
Contact us