Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cybersecurity, an important element of stability for the energy sector

Published byReynard Simon Modified over 6 years ago

Similar presentations

Presentation on theme: "Cybersecurity, an important element of stability for the energy sector"— Presentation transcript:

1 Cybersecurity, an important element of stability for the energy sector
Dr Fergal McNamara Head of Unit – Distribution System Operation Public Hearing on the ‘Cybersecurity Act’, EESC 9 January 2018 @HOU_DSO @EURELECTRIC #itsElectric

2 EURELECTRIC Who we are

3 Society is highly dependant on critical services
Society is highly dependant on critical services..and the power grid stands out

4 DSOs are key facilitators in todays energy system
€ billion 2400 investment in networks this decade distribution companies 260 million connected customers Moreover, the number of potential points for monitoring and control, the substations and control points that are the nodes in the network, exceed 4-million substations in the electricity network alone. Each monitoring and control point is a potentially open door for a cyber attack. 10 million km 200 million of power lines across Europe smart meters installed by 2020

5 More connectivity and interfaces potentially more vulnerability
DSOs grid management is increasingly digitalised with unpreceded complexity: think smart grids roll out, advanced metering applications, prosumers, etc.

6 The threat is real In the last decade, there were on average nearly 400 serious attacks on energy infrastructure annually worldwide but only well under 200 attacks prior to 2000 Source: Energy Infrastructure Attack Database Prominent incidents (and learning curves): Ukraine, December Ukraine, December 2016 3 DSOs compromised Only 1 DSO affected, swift system recovery people affected 1-6 hours to recover USA, June 2013 ‘Ugly Gorilla’ hack into utility gas networks discovered by FBI Confidential information such as pipeline schematics have been copied Intruder already gained access to systems that regulate the flow of natural gas It should be noted that hackers broke into the Ukrainian networks nine months before the outage and five out of the eight attacked power distribution companies have been able to detect and mitigate the incident before it had effects on the main system. Hence, intrusion detection systems and processes are the cornerstone of cyber security when it comes to network operators.

7 What needs to be done from a DSO perspective
DSOs are already addressing the challenge in line with the NIS Directive, GDPR revision and upcoming ‘Cybersecurity act’ Energy specific regulatory tools in the making: A future ‘Network Code’ on cyber security – directly applicable EU Regulation with four key objectives: Developing a ‘EU Cybersecurity Maturity Framework’ – bringing all System operators to a minimum security level Supply chain management – baseline security requirements for products and services in line with relevant IEC standards Early warning system for cyber threats – in line and adding on the current reporting system of the NIS Directive Tackling aspects of cross-border risk management – taking into account the interconnectivity of our power system Network code on cyber security scope is an outcome of a dedicated Smart Grid Task Force Expert group which is initiated by the European Commission and set up in spring 2017

8 What needs to be done from a DSO perspective II
Development focus: People & skills Technology Procedures Key Security domains: Identify & protect Monitor & detect Respond & recover Take into account specificities of energy networks: System operators are regulated entities dealing with critical infrastructures Necessary expenditure for cyber security investments and organisational transformation can be potentially costly European and National legislation should work as an enabler if the Regulator recognises the need of an investment to enhance cybersecurity To achieve a high level of cyber security across the electrical grid at European level, network operators should have a well-structured cyber security strategy, based on risk assessment schemes. They should also develop a breach detection and response capability to minimise the damage that a cyber attack might cause. Moreover, its not only about the right technology and procedures in place, but striving towards a cyber security culture. This can be realised only with the support of European and National authorities, and by making cyber security a top priority at the highest level of management, facilitating its inclusion in the company’s strategy and enabling proper investment to allow sufficient resources and awareness at all levels.

9 Eurelectric work on this subject
Dedicated report on Smart Grid Cyber Security Addressing cyber security threats as a pan-European and cross-industrial challenge Key topics: Sector specific threats and challenges Current and potential legislative frameworks National & European initiatives on Smart Grid Cyber Security Guidelines for enhancing cyber security capabilities

10 Not only threats but also opportunities The digitalisation trend produces an unprecedented amount of ‘big data’ in the energy sector and beyond Used data Dark data Data that is captured but never utilised To give it all a positive spin Source: IBM

11 Not only threats but also opportunities II Positive example: Tesco Ireland
Tesco invested strongly in monitoring infrastructure of their stores to make them more energy efficient The collected amount of data was vast – a dedicated analysis helped to untap a considerable energy saving potential The same is true for grids: example of dynamic line rating and related efficiency gains

12

Download ppt "Cybersecurity, an important element of stability for the energy sector"

Similar presentations

World Class Standards Smart Grids ETSI Strategic Topic Philippe Lucas © ETSI 2010. All rights reserved ETSI Smart Grid workshop, June 14th 2010.

World Class Standards Smart Grids ETSI Strategic Topic Philippe Lucas © ETSI All rights reserved ETSI Smart Grid workshop, June 14th 2010.
0 © 2011 Silver Spring Networks. All rights reserved. Building the Smart Grid.

0 © 2011 Silver Spring Networks. All rights reserved. Building the Smart Grid.
Cyber Security and the Smart Grid George W. Arnold, Eng.Sc.D. National Institute of Standards and Technology (NIST) U.S. Department of Commerce

Cyber Security and the Smart Grid George W. Arnold, Eng.Sc.D. National Institute of Standards and Technology (NIST) U.S. Department of Commerce
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
August 8, 2015ECI Confidential. AccessWave Smart Grid Market Trends& Applications Matthias Nass VP Field Marketing EMEA.

August 8, 2015ECI Confidential. AccessWave Smart Grid Market Trends& Applications Matthias Nass VP Field Marketing EMEA.
Advanced Metering Infrastructure

Advanced Metering Infrastructure
K E M A, I N C. Current Status of Cyber Security Issues 2004 Keynote Address Joe Weiss January 20, 2004.

K E M A, I N C. Current Status of Cyber Security Issues 2004 Keynote Address Joe Weiss January 20, 2004.
Challenges Faced in Developing Audit Plans and Programs 21 st March, 2013.

Challenges Faced in Developing Audit Plans and Programs 21 st March, 2013.
Don Von Dollen Senior Program Manager, Data Integration & Communications Grid Interop December 4, 2012 A Utility Standards and Technology Adoption Framework.

Don Von Dollen Senior Program Manager, Data Integration & Communications Grid Interop December 4, 2012 A Utility Standards and Technology Adoption Framework.
Overview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013 DRAFT.

Overview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013 DRAFT.
Isdefe ISXXXX-090000-1XX 5.10.2010 Your best ally Panel: Future scenarios for European critical infrastructures protection Carlos Martí Sempere. Essen.

Isdefe ISXXXX XX Your best ally Panel: Future scenarios for European critical infrastructures protection Carlos Martí Sempere. Essen.
Protect critical information with a smart information-based-risk management strategy. Prepared by: Firas Mohamed Taher.

Protect critical information with a smart information-based-risk management strategy. Prepared by: Firas Mohamed Taher.
An Overview of the Smart Grid David K. Owens Chair, AABE Legislative Issues and Public Policy Committee AABE Smart Grid Working Group Webinar September.

An Overview of the Smart Grid David K. Owens Chair, AABE Legislative Issues and Public Policy Committee AABE Smart Grid Working Group Webinar September.
1 Smart Grid Cyber Security Annabelle Lee Senior Cyber Security Strategist Computer Security Division National Institute of Standards and Technology June.

1 Smart Grid Cyber Security Annabelle Lee Senior Cyber Security Strategist Computer Security Division National Institute of Standards and Technology June.
Project co-funded by the European Commission within the 7th Framework Program (Grant Agreement No. 619682 ) Business Convergence WS#2 Smart Grid Technologies.

Project co-funded by the European Commission within the 7th Framework Program (Grant Agreement No ) Business Convergence WS#2 Smart Grid Technologies.
Frankfurt (Germany), 6-9 June 2011 Iiro Rinta-Jouppi – Sweden – RT 3c – Paper 0210 COMMUNICATION & DATA SECURITY.

Frankfurt (Germany), 6-9 June 2011 Iiro Rinta-Jouppi – Sweden – RT 3c – Paper 0210 COMMUNICATION & DATA SECURITY.
Role of Smart Grids in the Italian Energy Policy Strategy Marcello Capra General Directorate for Electricity Market, Renewables, Energy Efficiency and.

Role of Smart Grids in the Italian Energy Policy Strategy Marcello Capra General Directorate for Electricity Market, Renewables, Energy Efficiency and.
ITU CoE/ARB 11 th Annual Meeting of the Arab Network for Human Resources 16 – 18 December 2003; Khartoum - Sudan 1 The content is based on New OECD Guidelines.

ITU CoE/ARB 11 th Annual Meeting of the Arab Network for Human Resources 16 – 18 December 2003; Khartoum - Sudan 1 The content is based on New OECD Guidelines.
Cyber Insecurity Under Attack Cyber Security Past, present and future Patricia Titus Chief Information Security Officer Unisys Corporation.

Cyber Insecurity Under Attack Cyber Security Past, present and future Patricia Titus Chief Information Security Officer Unisys Corporation.
Weaving Security Blankets Make your own bespoke defensive toolkit Presentation by Max Cizauskas For BSides Toronto 2015.

Weaving Security Blankets Make your own bespoke defensive toolkit Presentation by Max Cizauskas For BSides Toronto 2015.

Similar presentations

Ads by Google