Brussels, 2 October 2024
The Association of European Distribution System Operators (E.DSO), the European Energy Information Sharing and Analysis Centre (EE-ISAC), the European Network for Cyber Security (ENCS) and the European Union Agency for Cybersecurity (ENISA) joined forces for the organisation of the 7th Cybersecurity Forum.
The conference was held in Brussels and brought together nearly 200 participants, featuring senior experts from the European Commission, the Transmission System Operator (TSO) and Distribution System Operator (DSO) community, the EU Energy regulator, as well as other key international representatives.
The longstanding efforts of the European cybersecurity community regarding cybersecurity regulations for energy grids have reached a significant milestone with the implementation of various new regulations, such as the NIS2, NCCS, revised RED and CRA. Previous editions of the Forum have highlighted the expectations of stakeholders and identified challenges ahead.
Considering the recent regulatory changes, discussions focused on next steps of the implementation process, in conjunction with developments in the cybersecurity threat landscape. Key challenges to address along the way include the emergence of new sophisticated threats targeting critical sectors, such as the supply chain, and bureaucratic overload.
Experts provided real-world examples of the complex issues that need to be resolved and apply a practical approach to risk management to effectively mitigate threats, such as the development of risk management methodology. Participants’ discussions also examined the establishment of the execution power required to deal with advanced attacks and rapid recovery. Industry representatives underlined the challenges of creating generic standards fit for the diverse use cases. Additionally, regulators and authorities revealed how scarce resources are constraining the speed of capacity building needed to achieve the required execution performance. A key output of the conference was the significance of effective supply chain management to prevent cybersecurity risks, especially as supply chains become longer and more complex.
The implementation of the new EU cybersecurity regulatory framework is expected to challenge end users, regulators, manufacturers and electricity sector entities and the rest of the electricity community, in their efforts to harmonise resources and create a new, cyber-secure reality. The conference concluded that adopting a results-focused, collaborative approach provides the opportunity to set a worldwide benchmark for grid system security.
Further information
- Energy sector — ENISA (europa.eu)
- Cyber Europe tests the EU Cyber Preparedness in the Energy Sector — ENISA (europa.eu)
- Cyber Europe 2024 — ENISA (europa.eu)
Source – ENISA