NEVERHACK Estonia
12 June 2025
Cybersecurity meets clean energy: inside Sunly’s digital-first utility vision
When we envision the year 2300, we tend to picture hyper-connected cities, autonomous systems, and fully renewable energy sources. But here’s the twist: for some companies, that future has already begun. In the latest episode of CyberCast by NEVERHACK, host Ronnie Jaanhold speaks with Paul Post, Head of IT, Digitalization, and Security at Sunly, one of the most forward-thinking energy companies in the Baltics. Together, they unpack how cybersecurity, AI, and renewable power are converging—not in some distant utopia, but right now.
Sunly isn’t your typical utility provider. While many energy companies are burdened by decades of legacy infrastructure, Sunly started with a blank slate. No outdated systems. No slow-moving processes. Just a bold opportunity to design a tech-driven, secure, and highly nimble organization from day one. And that’s exactly what they’ve done.
From the start, Paul Post was handed a unique challenge: build Sunly’s IT and cybersecurity strategy from the ground up. There were no pre-existing teams or systems in place—just ambition and urgency.
“It was a clean slate,” Paul recalls. “We had 250 employees across four countries, but no real IT or cybersecurity infrastructure. It was an opportunity to do things right from the beginning.”
That opportunity came with enormous responsibility. Every decision would set the tone for the company’s future. The mission wasn’t just to build functional systems—it was to embed digitalization and security into the company’s DNA. And in a world where energy and internet infrastructure are becoming increasingly inseparable, that foundation has proven essential.
Building without baggage
Unlike legacy energy providers, Sunly didn’t have to retrofit digital tools into outdated frameworks. Instead, they could embrace a lean, modular, and automated approach to everything—from operations to security. Paul explains how Sunly’s structure allows them to stay nimble. They use modern architecture, cloud-native tools, and a “build only what’s needed” philosophy. That mindset lets them scale fast and adapt quickly without becoming bogged down in complexity.
More importantly, this flexibility is tightly connected to cybersecurity. “Security isn’t something we layered on later,” says Paul. “It was part of every decision from the start. It’s not an add-on. It’s in our DNA.”
Sunly conducts monthly vulnerability scans across its entire infrastructure. Their systems are built to support real-time visibility, continuous patching, and proactive anomaly detection. After a startling first-year cybersecurity audit in 2023, they didn’t just course correct—they doubled down. By the second annual assessment, progress was visible, measurable, and promising. For Paul, this was a personal milestone. It confirmed that their foundational approach was working.
The power of real-time data
What sets Sunly apart isn’t just that it uses data, but how it uses that data. In a sector defined by volatility (think weather patterns, electricity markets, and consumption spikes), real-time analytics are essential. Sunly has built systems that ingest weather forecasts, energy pricing, and asset performance data to make dynamic decisions about when and where electricity should flow.
For example, if solar energy is abundant but prices are low, Sunly diverts that energy into battery storage instead of the grid. When prices rise later, they release that stored energy at maximum value. This strategy doesn’t just optimize profits—it makes the entire energy system more stable and sustainable.
To pull this off, Sunly is even developing its own large language models (LLMs) to forecast consumption, production, and market pricing. This convergence of renewable energy and AI might sound futuristic, but for Sunly, it’s standard practice.
A peer-to-peer energy economy
Sunly’s innovation doesn’t stop at data. One of the most exciting ideas explored in the episode is how the company is transforming customers into collaborators. For businesses with solar panels and storage on-site, Sunly offers batteries that exceed their consumption needs. Why? Because the surplus capacity is aggregated across customers and traded on frequency reserve markets.
This creates a win-win. Companies not only consume green energy but also generate passive income from their unused capacity. It’s an entirely new business model—one that reimagines the relationship between energy producer and consumer.
According to Paul, this “crowdsourced grid” is still in its early stages, but the demand already outweighs their current capacity. As they build out both the commercial and retail sides of the business, the goal is to create a seamless ecosystem where every participant—whether a business or individual—is both a user and contributor.
Automating security and awareness
As innovative as their operational model is, Paul is equally focused on the human element of cybersecurity. “The biggest risks don’t come from systems,” he says. “They come from people.” And he’s right. Human error—often triggered by phishing, social engineering, or lapses in awareness—is still the root cause of many breaches.
To address this, Sunly has deployed a fully automated, AI-driven phishing simulation system. It mimics real-world attacks, tracks how employees respond, and continuously adapts based on their behavior. The platform not only tests employees but also learns from their patterns, identifies vulnerable groups, and delivers targeted awareness campaigns without requiring manual intervention.
It’s a perfect example of how Sunly marries automation and education—two pillars that are often at odds in traditional security cultures.
The bigger threat landscape
Of course, Sunly operates in a world where threats are escalating. From ransomware to state-sponsored attacks, the energy sector is increasingly in the crosshairs. And as geopolitical tensions rise, grid operators like Sunly become high-value targets.
Paul doesn’t sugarcoat it. “The red dot is on your back,” he says, referring to the way attackers view energy providers. “We’re constantly paranoid. And that’s necessary.” He emphasizes that their approach to threat management is built on visibility, monitoring, and continuous benchmarking. But the truth is: no system is invincible.
What makes the difference is how quickly you can detect, contain, and recover. And in this regard, Sunly’s agility may be its greatest defense.
Vendors, trust, and the unseen risks
Another key concern raised in the episode is the issue of vendor trust. As more critical systems become outsourced or depend on third-party providers, the attack surface expands. Sunly tackles this with transparent onboarding, regular audits, and strict service-level agreements. But Paul is candid about the risks. Even the best systems can be compromised if a trusted vendor fails to secure their part of the chain.
It’s a reminder that in today’s interconnected world, cybersecurity isn’t just internal—it’s a shared responsibility across ecosystems.
Electricity and internet: the inseparable future
The episode closes with a reflection on its title—“Which came first: electricity or the internet?” While it may sound philosophical, it reveals a profound truth: the lines between power infrastructure and digital infrastructure are disappearing. You can’t operate a modern grid without connectivity. And you can’t run the internet without stable electricity.
The two are no longer separate domains—they are one system. And that system must be secure, resilient, and intelligent. Sunly is living proof of what’s possible when you stop treating cybersecurity, data, and energy as silos—and start building them as a whole.
_________
This conversation with Paul Post offers more than just insights into a single company. It’s a glimpse into how critical infrastructure should be built in the digital age.
The lessons are clear: design with agility, secure from the start, trust data (but verify it), and never stop learning—especially from your own people.