EU Is Tightening Cybersecurity for Energy Providers

Posted by Peter Tolan 2 years Ago

 

The energy sector has faced numerous challenges over the past decade, from plummeting oil prices during the COVID pandemic to disruptive cyberattacks and geopolitical tensions. Now, electricity providers are bracing for another blow with the adoption of new cybersecurity rules by the European Commission on March 11th, 2024.

These rules, known as the EU network code on cybersecurity for the electricity sector (C/2024/1383), aim to establish a recurring process of cybersecurity risk assessments in the electricity sector. While this news may be cause for celebration for cybersecurity professionals, it presents challenges for electricity providers.

The EU’s commitment to improving critical infrastructure cybersecurity dates back to 2019, with the adoption of sector-specific guidance and the Clean Energy for All Europeans package. The new network code builds upon these efforts, aiming to standardize cybersecurity risk assessments and establish a governance model aligned with the existing Network and Information Security Directive (NIS2).

Key provisions of the network code include the requirement for entities involved in cross-border electricity flows to perform cybersecurity risk assessments every three years and implement necessary mitigating measures. This extends not only to electricity providers but also to their suppliers and equipment manufacturers, increasing the security of supply chains.

One significant aspect of the legislation is its emphasis on information sharing. Regulators are required to share information about breaches and vulnerabilities affecting the electricity sector within 24 hours. While this is welcomed by cybersecurity professionals, it may pose challenges for electricity providers reluctant to disclose breaches for competitive reasons.

Overall, while compliance with the new rules may strain resources for electricity providers, the EU network code on cybersecurity for the electricity sector represents a crucial step in improving critical infrastructure cybersecurity at a time of increasing threats.

Source: tripwire.com

Peter Tolan
View More Posts
Peter Tolan is a Junior Content Editor for the HIPTHER network, where he has quickly established himself as a versatile voice in the global iGaming and technology sectors. Operating across the network's specialized platforms, Peter leverages a deep understanding of the European and American gaming landscapes to deliver high-impact, B2B intelligence. He is a key contributor to the "Evolution" side of the industry, specializing in the analysis of online gaming trends, the fast-paced world of esports, and the integration of deep-tech innovations. With a sharp eye for emerging technologies, Peter ensures that the HIPTHER community remains at the forefront of the global digital revolution.