This week, as night fell on Spain and Portugal and plunged millions into the dark, the burning question for the population was: “Was it a cyberattack?”
Trains stopped, hospitals went to generator power, and the daily normal lives came screeching to a stop. Although power had been restored and early investigations pointed to a technical failure of the grid instead of cyber attack, the ordeal revealed a more profound vulnerability—not merely in technology but also in leadership and preparedness.
That cyberattack suspicions led headlines and official briefings-even after national cybersecurity authorities and grid operators discovered no signs of hacking-testifies to the shadow of suspicion that now looms over every significant infrastructure disruption.
When energy grids are, in the words of one senator, “highly attractive targets” for hostile states and cybercriminals, the distinction between technical failure and intentional attack is increasingly thin. Online misinformation and speculation added further complexity to crisis management and trust.
Would this crisis have unfolded differently if our leaders were better prepared for the cyber dimension? Absolutely.
The Iberian blackout event is a case in point where strategic cyber training at the executive level for high-ranking officials is paramount. The following analysis explains how such training might have changed the result.
- Informed and Speedy Crisis Management: Decision-makers with expertise in cyber risk and resilience would have had well-defined processes to differentiate between cyber incidents and technical failures, thereby preventing speculation and confusion in the crucial first few hours.
- Effective Communication: Having a clear picture of both cyber and operational realities, the officials could have spoken freely and authoritatively, debunking misinformation and addressing public fears.
- Cross-Sector Coordination: Strategic training builds relationships and common language between government agencies, grid operators, emergency responders, and cybersecurity agencies—facilitating rapid information sharing and enabling effective decision-making that accounts for the complete context.
- Scenario Planning and Exercises: Through routine simulation of incidents-both cyber and non-cyber-leaders would be ready to manage cascading failures and maintain the essential services, irrespective of the root cause.
- Resilience as a Mindset: First and foremost, a resilience culture at the very top of leadership would invest first in having redundancies, backup systems, and crisis playbooks ready, so that when something unexpected does happen, societies get a chance to recover and respond.
The blackout may not have been due to a cyberattack; however, it is conceivable that one could occur in the future with very similar, if not worse consequences.
In the words of Spanish Prime Minister Pedro Sánchez, “no hypothesis is being ruled out.” This brings us to a significant takeaway: the threat is genuine, and the opportunity for complacency has permanently expired.
Investment in strategic cyber leadership training does not imply making technology gurus out of government ministers and military generals. Rather, it entails equipping them to pose the right questions, make informed decisions, and lead from the front when the stakes are high. The idea is to make sure that, when faced with future power disruptions, our leaders are not left in the dark—literally and figuratively.
The blackout in Iberia should serve as a wake-up call. Let us make sure we are ready for whatever comes next.
I’m happy to help. Feel free to reach out.
lars.hilse@gmail.com
Lars Hilse
Lars G. A. Hilse is an independent political/corporate advisor, and expert/witness in information security with a focus on the risks of cyber terrorism, and cyber warfare, and their impact on the security of critical, national/global infrastructurewith degrees in electrical engineering, and finance.
He maintains close cooperations withmilitary, law enforcement, and the intelligence community, and actively contributes to some of the most difficult, and notable cybercrime investigations.
He acts as a cyber-crisis-manager, and through his vast network is able to deploy highly specialised cyber-incident-response teams globally at breathtaking speeds.
In his capacity as an information security consultant he performs state-of-the-art risk assessments & mitigation directives, crisis response protocols, and establishes cyber security maturity models.
Among his other talents are intelligence gathering, accessing fortified infrastructure/networks, forensics, all with a focus on social engineering and other unorthodox access methods.
Since his first exposure to the internet at age 13, Hilse has constantly broadened his skillset in cybersecurity, focussing on cyber crime, cyber terrorism, and cyber defence.
Due to his precise foresight of all developments in the digital realm for over 25 years, he is repeatedly referred to as a global thought leader in cyber security, and digital strategy.
Hilse has privately funded research in cybersecurity worth over USD $1.000.000 since 2011. Some of the results hereof were the Advanced Cybersecurity Risk Assessment Checklist (ACRAC), and the advancement of several information security maturity models, and numerous papers and books (see below).
He acts as a political advisor among others to the European Parliament, proposing highly individualised, complex, multi-phase approaches in which a threat-landscape is established, risks identified thereien are mitigated, after which a (legislative) framework will reduce the potential fallout of cyberattacks.
