Pakistan's energy sector is facing growing cyber security challenges as rapid digitalisation transforms power generation, transmission and distribution systems, with a new industry report warning that increased connectivity is exposing critical infrastructure to rising cyber risks.

A joint report by Kaspersky and VDC Research, titled 'Powering Cyber Resilience in the Energy Sector,' found that while fewer than five percent of energy organisations are currently fully digital, nearly three-quarters expect to reach that stage within the next two years.

The study noted that digital transformation is reshaping the industry by improving operational efficiency, reliability and system performance. However, the expansion of interconnected technologies is also creating new vulnerabilities that could affect operational continuity and grid stability.

According to the report, more than half of the surveyed energy organisations experienced cyber incidents that resulted in losses exceeding $1 million, underlining the financial and operational consequences of inadequate cyber protection.

Energy companies are increasingly deploying advanced technologies such as artificial intelligence-based analytics, digital twins and predictive maintenance systems to better manage electricity supply and demand, identify faults and reduce outages. These tools are becoming central to efforts aimed at modernising infrastructure and enhancing service reliability.

The report also highlighted the growing use of automation technologies, including drones and robotics, to improve inspection processes and strengthen performance indicators such as system reliability and outage duration.

Despite these advances, the study identified a shortage of specialised cybersecurity expertise as a significant obstacle. More than 45 percent of organisations surveyed cited gaps in industrial cybersecurity talent, raising concerns about the sector's ability to secure increasingly complex digital environments.

Another challenge highlighted by the report is the lack of alignment between information technology and operational technology teams. Nearly three-quarters of respondents said cybersecurity for control systems is managed by IT departments, while fewer than 10 percent reported that operational teams hold primary responsibility. The report warned that such organisational divides could create inconsistencies in cybersecurity strategies and weaken overall resilience as digital infrastructure continues to expand.

As Pakistan's energy industry embraces digital technologies to improve efficiency and reliability, the findings suggest that strengthening cyber resilience may become as important as investing in new systems, particularly as the sector moves rapidly towards a more connected and technology-driven future.