CEER publishes its new Cybersecurity Report on Europe’s Electricity and Gas Sectors
Today, the Council of European Energy Regulators (CEER) has published itsCybersecurity Report on Europe's Electricity and Gas Sectors. This report describes the view of the cybersecurity landscape of the National Regulatory Authorities (NRAs) in CEER. The report gives an overview of the state of cybersecurity in the energy sector, with a particular focus on the need for trust, the use of Cloud computing, Big Data analytics and the European legislative environment, including the NIS Directive, GDPR and the Clean Energy for All Europeans Package.
The report outlines recommendations concerning those regulatory and organisational aspects which may help in improving the effectiveness of cybersecurity. Some key recommendations include:
Even companies not listed as Operators of Essential Services (OES) should strive to follow similarly high standards;
NRAs should engage with energy stakeholders on implementing European-level legislation and best practices;
NRAs will need to develop capacity to evaluate cybersecurity expenditure in regulated entities; and
Energy companies should have a cybersecurity strategy and they should set clear and effective cybersecurity measures prior to embracing new technologies such as Cloud computing.