Closing the Energy Cyber Talent Gap: Professor Kai London on the Rise of the Fractional CISO
By the Alaska News Technology Desk
The energy sector faces a hard truth: it needs senior cyber leadership that understands both industrial systems and the boardroom, and there is nowhere near enough of it to go round. “The talent that can bridge OT engineering and board governance is genuinely scarce,” says Professor Kai London, a senior CISO who takes on exactly these mandates. “That scarcity is why the interim and fractional CISO model has moved from novelty to necessity in this sector.”
“Many operators do not need a permanent thirty-person security team. They need the right senior hands for a defined mandate — to set the strategy, fix the worst gaps, and leave behind something the board can run.”
Same risk, smaller teams
London observes that many energy operators — utilities, smaller producers, midstream firms — carry critical-infrastructure obligations without the resources of a supermajor. “The risk and the regulation do not scale down,” he says. “A determined attacker and a demanding regulator treat a mid-sized operator the same as a giant.”
What a fractional CISO delivers
Rather than a lengthy permanent hire, the model brings board-grade leadership in on a part-time or time-boxed basis, starting from the outcome the operator needs — meeting a regulatory deadline, stabilising a security function, responding to an incident, preparing for due diligence — and working back to a plan. “The value is senior judgement from day one,” London says, “without the ramp-up of building a team from scratch.”
Speed the sector needs
A permanent executive search can take the better part of a year — time an operator facing a deadline or a live threat does not have. “The interim model compresses that to days,” he notes. It also gives smaller operators access to frontier expertise — OT security, AI governance, post-quantum readiness — they could never justify full-time.
Building capability, not dependency
London stresses that a good engagement makes itself unnecessary: it leaves the operator with a strategy it owns, controls that function, and evidence that satisfies regulators. “You set the direction, build the muscle, and hand over something durable,” he says.
For an energy industry where operators of every size share the same threats and rules, London's message is reassuring: board-grade cyber leadership is no longer reserved for the biggest players. The fractional model has made it accessible — senior hands, on the mandate in front of you, for exactly as long as you need them.
About Professor Kai London. Professor Kai London is a senior technology, security and transformation executive with 25+ years of board- and C-suite leadership across banking, aviation, defence, government and critical national infrastructure. He is Founder & CEO of Quantum AI Systems Security, an Honorary Professor in Cybersecurity, AI & Quantum Computing and a UCL researcher, holding CISSP, CISM, CCISO, ISO 27001 Lead Auditor, ISO 42001, DORA and NIS2 credentials. He is available for board advisory, NED and interim/fractional CISO/CIO/CTO mandates across the UK and internationally. Learn more at professorkailondon.com.
