CEER publishes its new Cybersecurity Report on Europe’s Electricity and Gas Sectors

Today, the Council of European Energy Regulators (CEER) has published its Cybersecurity Report on Europe's Electricity and Gas Sectors. This report describes the view of the cybersecurity landscape of the National Regulatory Authorities (NRAs) in CEER. The report gives an overview of the state of cybersecurity in the energy sector, with a particular focus on the need for trust, the use of Cloud computing, Big Data analytics and the European legislative environment, including the NIS Directive, GDPR and the Clean Energy for All Europeans Package.

The report outlines recommendations concerning those regulatory and organisational aspects which may help in improving the effectiveness of cybersecurity. Some key recommendations include:

  • Even companies not listed as Operators of Essential Services (OES) should strive to follow similarly high standards;
  • NRAs should engage with energy stakeholders on implementing European-level legislation and best practices;
  • NRAs will need to develop capacity to evaluate cybersecurity expenditure in regulated entities; and
  • Energy companies should have a cybersecurity strategy and they should set clear and effective cybersecurity measures prior to embracing new technologies such as Cloud computing.

This report is part of CEER’s strategy to prepare for and respond to the increasing digitalisation of energy markets. For more on this, see the Public Consultation document on CEER’s proposed 3D strategy.



Tel: +32 2 788 73 30