Great read on the components of the new EU cyber Rules for Electricity Providers. The Aggressive: "Will require cyber regulators in each EU country to share information with counterparts in other member states within 24 hours of a company disclosing a cyberattack." Complete Opposite of Being Aggressive: "Electricity providers also will need to carry out assessments every three years to identify cyber risks and then implement protections to prevent major problems." #cybersecurity #criticalinfrastructure #riskmanagement #penetrationtesting
Kevin Thomas, CISSP, PCI QSA, CRISC, HITRUST’s Post
More Relevant Posts
-
Chief Growth Officer at Loopli | Transforming the Security Realm with Innovative AI-Driven Cybersecurity Solutions and Fairy Tale-Based Training | Expanding to New York City
Electricity providers in Europe will soon have to perform cybersecurity risk assessments for regulators, including disclosing incidents, reporting threats and implementing safeguards, under coming rules that aim to prevent hacks from causing blackouts in multiple countries.
New EU Cyber Rules for Electricity Providers Aim to Prevent Cascading Outages
wsj.com
To view or add a comment, sign in
-
Dynamic Senior Account Executive, Client Partner, and Business Development Enthusiast – poised to ignite growth and transform businesses. With a sprinkle of magic, I turn challenges into opportunities.
Coming rules regarding cybersecurity that aim to prevent hacks from causing blackouts in multiple countries #futureworktrends #technologywizards (in-article links/comments) Full WSJ Pro Cybersecurity article: https://lnkd.in/g8XAWyBt
New EU Cyber Rules for Electricity Providers Aim to Prevent Cascading Outages
wsj.com
To view or add a comment, sign in
-
New EU cyber rules that mandate audits every three years are a commendable step toward enhancing the resilience of our power grids against cyber threats. However, the real effectiveness of these measures hinges not just on periodic assessments, but on the robust testing of security controls. The current system suffers from significant delays between the identification of security issues and the implementation of solutions, which can compromise grid integrity. Identifying vulnerabilities is crucial, but promptly addressing these weaknesses is table stakes. To truly safeguard our power systems, we need to shift towards continuous improvement in cybersecurity practices. This includes ongoing assessments, monitoring, and remediation to close the gap between problem recognition and action. This proactive approach is not just vital for the EU; it should be a model for other regions, including the United States. With increasing threats to critical infrastructure, such as water and wastewater systems—which represent a vulnerable aspect of national security—the need for continuous cybersecurity measures is more pressing than ever. Source: Catherine Stupp at The Wall Street Journal https://lnkd.in/ePwuZuym #cybersecurity #criticalinfrastructure #strategy #energy
New EU Cyber Rules for Electricity Providers Aim to Prevent Cascading Outages
wsj.com
To view or add a comment, sign in
-
https://lnkd.in/e-_MVD96 National Grid is preparing to deploy “honeypots” ahead of a government deadline to upgrade its cyber security defences under the UK Network and Information Systems Regulations act. Energy regulator Ofgem has set a December 2023 deadline for gas and electricity companies to comply with newly-tightened rules. #cyber #cyberriskmanagement #cni #criticalinfrastructureprotection #executivesearch Howgate Sable
National Grid plots ‘honeypots’ to catch hackers as cyber attacks ramp up
telegraph.co.uk
To view or add a comment, sign in
-
The European Commission has adopted the first-ever EU #network code on #cybersecurity for the electricity sector (C/2024/1383) It will support a high, common level of cybersecurity for cross-border electricity flows in Europe. The dossier now passes to the Council and European Parliament to scrutinise the text and the rules will enter into force once this period is over. The network code aims to establish a recurrent process of cybersecurity risk assessments in the #electricity sector. These assessments are aimed at systematically identifying the entities that perform digitalised processes with a critical or high impact in cross-border electricity flows, their cybersecurity risks, and then the necessary mitigating measures that are needed. For that, this network code establishes a #governance model that uses and is aligned with existing mechanisms established in horizontal EU legislation, notably the revised Network and Information Security Directive (#NIS2).
To view or add a comment, sign in
-
Re cyber governance culture in the US electricity sector, a blunt assessment. (From the latest edition of SANS NewsBites.)
To view or add a comment, sign in
-
-
CISO at a Private Bank ★ Leader ★ Techie ★ Business Enabler ★ I mature cyber risk management to proactively protect against cyber threats, enabling your cyber resilience.
National Grid removes Chinese-made equipment from UK's electricity network over cybersecurity concerns 🚨 The UK's National Grid has reportedly removing Chinese-made equipment from its electricity network over cybersecurity concerns. The move comes after consulting with the National Cyber Security Centre (NCSC). The equipment being removed is used to manage communication between energy projects and the grid, and to balance the grid to minimize the risk of blackouts. This is the latest example of a Chinese company being ousted from the UK's critical infrastructure network over cybersecurity concerns. In 2020, the UK banned Huawei from its 5G network. The UK government is concerned that Chinese companies could be compelled by the Chinese government to share sensitive data. This move is likely to further strain relations between the UK and China. https://lnkd.in/etGmPSGt #cybersecurity #CNI
To view or add a comment, sign in
-
-
The Iranian CyberAv3ngers group’s simplistic exploitation of Unitronics PLCs highlights the cybersecurity weaknesses in US water utilities, the need to get devices disconnected from the internet, and renewed interest in regulation. https://lnkd.in/gu-sB8BY
Water system attacks spark calls for cybersecurity regulation
csoonline.com
To view or add a comment, sign in
-
The Iranian CyberAv3ngers group’s simplistic exploitation of Unitronics PLCs highlights the cybersecurity weaknesses in US water utilities, the need to get devices disconnected from the internet, and renewed interest in regulation. https://lnkd.in/ehri4jiQ
Water system attacks spark calls for cybersecurity regulation
csoonline.com
To view or add a comment, sign in
-
Strategic Account Executive | Driving Growth with Strategic Solutions | Cybersecurity, Cloud, Network, Infrastucture, Vulnerabilty Management
The Iranian CyberAv3ngers group’s simplistic exploitation of Unitronics PLCs highlights the cybersecurity weaknesses in US water utilities, the need to get devices disconnected from the internet, and renewed interest in regulation. https://lnkd.in/e8NaXr8Y
Water system attacks spark calls for cybersecurity regulation
csoonline.com
To view or add a comment, sign in