DNV aims to boost cyber security in energy sector through Applied Risk acquisition

Jalal Bouhdada, CEO of Applied Risk, and Liv Hovem, CEO of DNV Accelerator. Image: DNV.

Assurance and risk management provider DNV is acquiring cyber security firm Applied Risk as it looks to build a security practice focused on defending industrial assets against emergent cyber threats.

Netherlands-based Applied Risk was established in 2012 and has a client portfolio spanning sectors including energy, utilities, manufacturing and transport.

Post-acquisition, its team will join forces with DNV’s cyber security specialists, who work with governments and corporations to keep projects and operations secure.

Citing research from cyber security firm Fortinet, DNV said 90% of companies in the manufacturing, energy and utilities, healthcare and transportation sectors suffered an attack on the computing systems managing their industrial operations during 2020.

“Industrial assets such as wind farms, oil and gas infrastructure, ships, manufacturing facilities and medical equipment are now at higher risk of new forms of cyber attack as their control systems become increasingly connected,” said DNV CEO Remi Eriksen.

The acquisition follows DNV publishing guidelines aimed at defending power grid substations from cyber attacks. When that recommended practice was released in September, DNV made reference to an attack on a host of Ukraine’s power grid substations in 2015 that left around 250,000 without power.

In the US, an initiative announced last year has brought together government bodies and the private sector to identify best practices for solar cyber security.