The Association of European Distribution System Operators (E.DSO), the European Energy Information Sharing and Analysis Centre (EE-ISAC), the European Network for Cyber Security (ENCS), and the European Union Agency for Cybersecurity (ENISA) hosted a public conference on power grid cybersecurity.
The conference gathered approximately 200 participants in Brussels and saw the participation of senior experts from the EU Commission, the TSO and DSO communities, the EU Energy regulator, and many others, including a delegation from Japan.
Cybersecurity regulations
The European cybersecurity stakeholder community has been working on cybersecurity regulations for energy grids for many years and they have reached the point of implementing various new regulations (NIS2, NCCS, revised RED, CRA).
In past editions of the forum, the expectations from the various stakeholders were highlighted, and challenges were identified and discussed.
Digitalisation and electrification
Stakeholders to cooperate in combating cybersecurity threats and the importance of reaching a balance
José Ferrari Careto, CEO, E-REDES; Vice-Chair, E.DSO and Chair, E.DSO Technology & Knowledge Sharing Committee, opened the Forum by stressing the importance of cybersecurity that converges the two biggest trends for the current power system: digitalisation and electrification.
In her keynote intervention, Monika Zsigri, Head of Unit for Energy Security and Safety at DG Energy, European Commission, underlined the need for all stakeholders to cooperate in combating cybersecurity threats and the importance of reaching a balance between fighting cyberattacks and remaining cost-effective.
Risk management
Central to the panel discussions was the question, of how will the community manage to implement the new regulations in place, and whether they can keep up with evolving threats? In addition, how can they avoid bureaucratic overload and cope with complex new threat developments like supply chain security?
In the 7th edition, sector experts provided real-life examples of the complex issues that need to be resolved to make risk management a practical approach to mitigate real issues effectively, including the development of an adequate methodology for risk management. Participants also discussed how to establish the execution power required to deal with advanced attacks and how to recover as quickly as possible.
Challenges of creating generic standards
Industry representatives highlighted the challenges of creating generic standards fit for multiple highly diverse use cases. Regulators and authorities showcased how scarce resources are constraining the speed of capacity building needed to arrive at the required execution power.
As supply chains grow longer and more complex, the importance of managing them properly to avoid cybersecurity risks was a key output of today’s event.
New regulatory frameworks
The whole electricity community, to create a new, more cyber-secure reality, and to harmonise the efforts
The implementation of the new regulatory frameworks will challenge end users, regulators, manufacturers, and electricity sector entities, i.e. the whole electricity community, to create a new, more cyber-secure reality, and to harmonise the efforts and resources of the parties involved.
The discussions concluded that with a results-focused, collaborative approach, the community has the opportunity to set a global benchmark for the security of the grid system.
Cybersecurity legislations
Manuel Sánchez, former Smart Grids Team Leader at the European Commission and Senior Advisor at Fleishman Hillard Europe closed the 7th Cybersecurity Forum by stressing the need to include in the risk management other stakeholders, such as DER, aggregators, and EV charging operators, to reach real collaboration and to make cybersecurity legislations work effectively.
