On May 24, the European Commission published the first ever network code for cybersecurity of the EU electricity sector . The new rules are an important step to improve the cyber resilience of critical energy infrastructure and services in the EU based on a uniform European policy. The file is now being submitted to the European Council and the European Parliament and will enter into force afterwards.
Milestone
The publication of the Cybersecurity Network Code is an important milestone for the completion of the internal energy market and the achievement of the European Union's energy objectives, both at the level of transmission and electricity distribution networks.
The new network code was developed in response to the increasing digitalization and interconnection of national energy systems. It provides a common standard to ensure the security and reliability of the interconnected system by establishing common rules for conducting cybersecurity risk assessments, reporting cyber attacks, threats and vulnerabilities, and establishing cybersecurity risk management.
This concerns rules related to cybersecurity in the field of electricity, such as:
- a comprehensive cross-border risk management process;
- clear roles and responsibilities;
- minimum and advanced cybersecurity controls (mapped against selected European and international standards);
- cybersecurity information exchange to ensure timely information and a coordinated response from relevant stakeholders;
- rules for handling cyber attacks and crisis management;
- a cybersecurity exercise framework to strengthen the preparedness of all operators;
- rules for the protection of the exchange of information;
- a framework for monitoring, benchmarking and reporting. The netcode also contains recommendations for supply chain security.
Laws and frameworks
The network code arises from the Electricity Regulation (EU) 2019/943 (Article 59) and the 2022 EU Action Plan for the digitalization of the energy system and is made mandatory by EU law in the context of the Electricity Regulation (EU) 2019 /943 and in the 2022 EU action plan to digitalise the energy system.
It is also aligned with existing mechanisms set out in horizontal EU legislation, in particular the revised Network and Information Security Directive (NIS2) .
Collaborations
The network code was drawn up by The European Agency for the Cooperation of Energy Regulators (ACER), in collaboration with the European Network of Transmission System Operators (ENTSO-E) and the European Distribution System Operators Entity (DSO).
ENTSO-E, is the association for the cooperation of European transmission system operators (TSOs). The 40 affiliated TSOs, representing 36 countries, are responsible for the safe and coordinated operation of the European electricity system, the largest interconnected electricity grid in the world.
The EU DSO entity is a technical expert body mandated by the Electricity Market Regulation (2019/943/EU) to promote the functioning of the electricity market and facilitate the energy transition. The DSO entity represents more than 900 different distribution system operators (DSBs) connecting 250 million households to the electricity grid in 27 Member States.
Also see:
Bekijk al het nieuws