, , , , , ,

In response to research that found cyber threats were shifting from data to operational technology, a division of Lloyd’s of London has announced a new type of insurance coverage to address increased cybersecurity risks to the electric utility industry.

“In-depth research by Lloyd’s of London insurer AEGIS London shows technology running the world’s critical infrastructure is increasingly at risk of cyber attack,” according to an April 9 press release announcing the CyberResilience insurance product.

The research, conducted by BAE Systems Applied Intelligence, focused on cyber attacks against power and utility companies in the United States, Europe and Canada. The research drew on incident reports from the U.S. Department of Homeland Security and the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT).

The findings also show that utility companies “are better prepared to deal with cyber threats to their operational technology than many recent media reports have indicated.” But the BAE Systems report laments a lack of technological solutions to address these cyber threats.

“The biggest challenges energy companies and utilities face are constraints outside their control such as the lack of ‘adequate and mature technology solutions,'” the AEGIS London press release states.

The new insurance product, and its focus on critical infrastructure operators, fits with the Obama administration’s push for more rigorous cybersecurity measures at industrial facilities. The White House’s recently released framework of cybersecurity standards is focused on protecting critical infrastructure, including power plants, and the Federal Energy Regulatory Commission has directed the utility industry to toughen its cyber protection requirements for the grid