| | | 
Solar & Storage Succeed When Cybersecurity Leads
13 hours ago
Guest Contributor Tell Us What You're Thinking!
Support CleanTechnica's work through a Substack subscription or on Stripe.
Solar and energy storage are the lowest-cost, fastest-to-build technologies available to help meet rising electricity demand. The market is quickly responding to this reality. Solar and storage accounted for 84% of new grid capacity additions in 2024, and according to SEIA’s and Wood Mackenzie’s latest Solar Market Insight Report, these technologies made up 82% of new capacity added in the first half of 2025.
Power demand is rising fast, and solar and storage will continue to dominate through 2030 because they are available right now, while new gas, nuclear, and other fuels are years away from making a dent.
As solar and battery storage become more prevalent and the grid becomes increasingly digitally connected, cybersecurity must be a top priority to defend against nation states, hacktivists, criminal organizations, and other threats from obtaining unauthorized access or launching disruptive attacks against critical energy systems.
SEIA is leading the way to ensure that the industry continuously develops and implements best practices, from manufacturing “smart from the start” to operating projects and systems securely.
Threats against critical infrastructure from both state and non-state cyber actors have become more frequent and increasingly sophisticated. Since 2021, Chinese advanced persistent threat groups are targeting critical infrastructure and critical service sectors, including the telecommunications, transportation, lodging, water, and power sectors. In addition, cyber actors attributed to Russia and Iran continue to target critical infrastructure, including the energy sector.
Threats to the solar and storage industry are not just theoretical. Past history of publicly disclosed cyberattacks against solar energy systems shows that the threat actors have the capability and interest in targeting these critical systems. There are emerging areas of vulnerability that the solar industry is working to address to mitigate financial, reputational, and operational risks to the energy sector.
Much like the rest of the energy sector, solar and storage supply chains were not originally designed with security in mind. With many global sources and complex interdependencies, components that enable remote connectivity and digital control must be reliable and secure. While details are still scarce, recent reporting on the potential presence of undocumented communications devices in solar and storage technologies sourced from China underscores the need for policy, technical, and organizational approaches to address the cybersecurity of our energy supply chains.
An important element of bolstering the security of the energy supply chain is to reshore more of it to the United States. Global supply chains not only create digital risks, but also geopolitical ones. Reshoring production of solar modules, inverters, and batteries offers a way to reduce exposure to potential foreign interference, while strengthening domestic jobs and energy independence.
Though cybersecurity is an ever-evolving practice, some protections are evergreen. These include changing default passwords and using strong, unique passwords, removing operational technology (OT) connections from the internet, securing remote access, properly segmenting critical OT systems from enterprise IT networks, implementing and exercising incident response plans, manual backups, and network monitoring, and using a risk-based approach to manage and mitigate vulnerabilities. As the need for strong cybersecurity measures for the electric sector has grown, industry, government, and other stakeholders have worked to develop and disseminate new resources and tools.
For instance, SEIA, along with partners at the North American Reliability Corporation (NERC), Sandia National Laboratories, the U.S. Department of Energy, and the National Nuclear Security Administration, developed a comprehensive list of security recommendations for large-scale solar inverter-based resources and behind-the-meter distributed energy resources (DERs) to support secure and reliable energy delivery.
Similarly, the National Association of Regulatory Utility Commissioners (NARUC) partnered with DOE to develop cybersecurity baselines for electric distribution systems and DERs. The baselines will be followed by Implementation Strategies and Adoption Guidelines to support distribution system stakeholders in developing cybersecurity requirements.
SEIA is the leading voice for a secure and resilient solar and storage industry. In December, SEIA is hosting a half-day virtual symposium on cybersecurity and reliability for the solar and storage industry. This event will feature key insights and practices from leading experts to ensure solar and storage are the most reliable and secure energy sources on the grid.
Cybersecurity is not just one entity’s responsibility; we need all stakeholders to play an active role in securing this critical infrastructure. Learn more about why cybersecurity is essential to a thriving, American-made solar and storage industry.
Article from SEIA
cleantechnica.com |
|
