Best Practices for BESS Cybersecurity in an Era of Rising Threats

April 4, 2025

Securing the Grid: Best Practices for BESS Cybersecurity in an Era of Rising Threats

As today’s grid becomes increasingly digital and complex, its vulnerability to cyber threats grows. Utilities have long been targeted by bad actors looking to cause harm to critical, interconnected infrastructure. However, cyber-attacks on U.S. utilities have risen significantly in recent years, surging 70% in 2024 alone. As battery energy storage systems (BESS) play an increasingly vital role in maintaining grid reliability and resilience, they also become attractive targets. Successful cyber-attacks on grid-connected BESS could have an outsized, cascading impact on the power network, its operators, and its customers.

The impact of cybersecurity breaches can be devastating, costing an average of $4 million per incident worldwide. Beyond financial losses, attacks on energy infrastructure can result in power outages and disruptions to critical utility services that threaten public health and safety. Cyber-insurance premiums for utilities have been steadily rising – with a notable 25-30% spike in 2022 – indicating that risks are growing throughout the industry.

At EVLO, we believe that protecting BESS assets from cyber threats requires a layered, proactive approach to cybersecurity, with security measures embedded at every stage – from design and development to deployment and operation.

Common BESS Cyber Threats

The most prevalent BESS cyber threats today include:

  • Ransomware: Accounting for 70% of all cyberattacks, ransomware locks organizations out of their own data until a ransom is paid.
  • Data Breaches: When sensitive personal or operational data is accessed by unauthorized parties, system security is compromised, and attackers gain valuable intelligence.
  • Worms and Viruses: These malware threats can replicate and spread through networks, exploiting vulnerabilities. They are a growing concern in the energy sector due to geopolitical conflicts.

It’s important to note that some of the most damaging breaches don’t come from sophisticated cybercriminals. Many are due to simple mistakes, like misconfigured settings or phishing attacks that trick employees into granting access to internal systems. Regular training and awareness programs can significantly reduce the risk of accidental security lapses.

At EVLO, we provide comprehensive training led by industry experts for all stakeholders involved in BESS projects. Similar to our approach with worker safety training, our cybersecurity education emphasizes both foundational knowledge and site-specific protocols, ensuring that everyone from operators to maintenance personnel understands their role in maintaining system security.

EVLO also adheres to cybersecurity best practices when establishing and maintaining third-party partnerships, ensuring we work only with trusted and verified suppliers. Every third-party connection – whether a software provider, component supplier, or maintenance contractor – introduces risk. Bills of material, which provide detailed records of each component’s origin, manufacturing process, and handling history, are also becoming a more popular way for suppliers to guarantee the safety and security of their products.

BESS Cybersecurity Best Practices: Security by Design

Thanks to our parent company Hydro-Québec’s deep experience in the industry, EVLO’s utility mindset ensures that security isn’t an add-on feature or afterthought, but an integral part of all our systems. We adhere to a “security-by-design” approach, incorporating secure communication protocols, encryption, and strict access controls at every level of system architecture.

Cybersecurity measures are included from the earliest stages of design and development, and we conduct thorough risk assessments to identify potential vulnerabilities before deployment. By embedding protections from day one, BESS integrators can prevent unauthorized access, safeguard data integrity, and ensure operational resilience.

BESS Cybersecurity Best Practices: Regulations and Standards

When it comes to BESS cybersecurity protocols, we recommend a multi-faceted approach, starting with the North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) standards, a set of mandatory cybersecurity standards that apply to entities that own or manage grid-connected facilities in North America. EVLO is NERC CIP-ready. All requirements were incorporated into the development of our product, ensuring robust cybersecurity, regulatory compliance, and operational reliability.

With NERC CIP as a foundation, organizations can add layers from other frameworks to meet specific customer needs and ensure robust cybersecurity measures throughout the system. Soon, EVLO will begin a SOC 2 Type 2 audit to streamline sharing our cybersecurity posture with our customers.

BESS Cybersecurity Best Practices: Real-World Testing to Enhance Security

EVLO leverages our state-of-the-art test line facility at IREQ (Institut de recherche d’Hydro-Québec), a world-renowned research center, to validate performance before installation. Unlike conventional Functional Integration Testing (FIT) conducted in indoor laboratories, our advanced test line enables connection to a 25-kilovolt (kV) distribution grid, subjecting each system to real-world conditions.

This testing allows us to push our systems to their limits and beyond, identifying potential issues that may only surface during commercial operation. By exposing our systems to live grid scenarios, we identify edge cases, improve product safety, and enhance performance while minimizing risks for end users. This approach ensures our technologies operate safely and effectively from day one.

Advanced Security Measures: The EVLOGIX Advantage

At the core of EVLO’s cybersecurity approach is our proprietary EVLOGIX energy management system (EMS). This sophisticated software features internally developed algorithms that optimize power flow and ensure industry-leading cybersecurity protections. Drawing on our utility heritage, EVLOGIX implements industrial-grade SCADA security protocols to protect critical operational technologies, with many layers and failsafes, while applying high-grade encryption and robust authentication mechanisms to secure all communications and access points.

The system also enables secured interface accessibility for safe remote supervision without compromising security, and it includes a sophisticated alarm system that delivers notifications of security events to our SOC. EVLOGIX’s analytics, with secure duplicated data backups, provide continuous visibility into system performance and security status.

Beyond these technical features, EVLOGIX supports comprehensive recovery planning with clear protocols for roles, responsibilities, and communication strategies that enable swift and coordinated responses to security incidents.

The Future of BESS Cybersecurity

The cybersecurity landscape is rapidly evolving, with attackers now leveraging sophisticated technologies to bypass traditional defenses. In response, BESS integrators are increasingly using AI and machine learning to detect anomalies, predict threats, and automate responses. EVLO anticipates greater integration between IT and OT security systems in the future, creating more comprehensive protection strategies as our grid grows increasingly interconnected.

The regulatory landscape is also tightening, with more states passing data privacy laws and utilities strengthening their data protection measures. For utilities and developers, prioritizing cybersecurity at every stage of BESS deployment is no longer optional – it’s essential. Future-proofing these systems will require continuous investment, collaboration among all stakeholders, and a holistic approach that prioritizes safety throughout the product lifecycle.

At EVLO, we view cybersecurity not as a set of constraints, but as added value that enables us to deliver high-quality, resilient products that provide reliable, safe grid support.

With EVLO, you can trust in a secure, efficient, and resilient energy storage solution that safeguards your investments and contributes to a more secure grid for tomorrow.
