Since 2018, ENCS organises its knowledge development in 3 programs: policy, architecture, and operations. Below, you can explore what we have planned in these areas for 2021.
The thread connecting the 2021 activities is the upcoming Network Code on Cybersecurity. Since this legislation will have a major influence on the security programs of European grid operators, we plan to support our members in preparing for this change. The security programs of 2021 will therefore focus on the following activities:
- In the policy program, we will continue to support the drafting team, prepare methods to assess security risks in the electricity sector, and support our members in implementing an ISO/IEC 27001 Information Security Management System (ISMS) through the ISMS expert group.
- In the architecture program, we will support the development of a product assurance scheme by further developing our test plans for smart grid components.
- In the operations program, we will prepare for technical information sharing by setting up a community of OT Security Operations Center (SOC) analysts.
Below, you can read more about our security policy program for 2021.
Security policy program 2021
The security policy program 2021 aims to develop and share knowledge between security officers responsible for organisational security measures. The program covers security policies, regulations, and the development of Information Security Management Systems (ISMSs). Discover below what ENCS will focus on during the security policy program 2021.
The focus in 2021 will be on the Network Code for Cybersecurity. We expect that the final Network Code will be written during 2021. ENCS will continue to support the drafting team in writing the final Network Code and in setting up the risk management activities expected to follow from the Code.
Risks to the electricity supply chain
In the past years, we have worked to mitigate risks to grid operators caused by dependencies in the electricity supply chain. To keep the grid stable, it is no longer enough that grid operators keep only their own system secure. Cyberattacks on other parties that control a lot of power can also disrupt electricity supply. To mitigate these risks, we have worked on the risks of cyberattacks to the electric vehicle charging infrastructure with ElaadNL, and on the risks of distributed energy resources (DER) with WindEurope and SolarPower Europe. With Netbeheer Nederland, we completed a study of the most critical dependencies in the Dutch electricity grid.
During the security policy program 2021, we will organise a series of awareness sessions with our partners to reach the largest possible audience. As usual, you will be able to read several whitepapers published in support of these sessions. We will also continue to investigate and finetune our risk assessment method for the overall electricity supply chain.
ISMS expert group
Our expert group on Information Security Management Systems (ISMS) was formed in 2019 after a project with members. The group supports information-sharing between members who are setting up or using an ISMS, with a focus on certification according to ISO/IEC 27000, as this is the standard many of our members are implementing or already using. The expert group will continue its work during the security policy program 2021, this time with a focus on insider threats, risk assessment methods, and monitoring the effectiveness of measures.
Become an ENCS member
Are you interested in our cyber security programs? As an ENCS member, you can contribute to and learn from all our programs. Click below to learn more about our memberships.