Strengthening cybersecurity in Europe’s energy sector

On the 1st of October 2024, the 7^th E.DSO – EE-ISAC – ENCS – ENISA Cybersecurity Forum took place, bringing together leading voices from the energy and cybersecurity sectors. The event was a platform to address how Europe’s energy systems, increasingly dependent on digitalisation and electrification, can be safeguarded against rising cyber threats. With representatives from institutions like the European Commission and major energy companies, the forum provided critical insights into the challenges and solutions for protecting Europe’s energy infrastructure. The discussions highlighted key themes such as digitalisation, cooperation, legislation, and the rising threat of artificial intelligence (AI) in the cybersecurity landscape.

The digitalisation and electrification of energy systems

José Ferrari Careto, CEO of E-REDES and Vice-Chain of E.DSO, gave a keynote address highlighting two major trends that are transforming the energy landscape: digitalisation and electrification. As grids become more digital, powered by smart meters and new technologies, they also become more vulnerable to cyber threats. Careto emphasized the importance of collaboration, stating that no single entry can handle these challenges alone. A stable, well-defined regulatory framework is crucial, but it must also be implementable and backed by sufficient funding.

This aligns closely with DATA CELLAR’s mission to provide a holistic cybersecurity framework. By securing not just the databases and network communications but also higher-level services like datasets and AI models, the project ensures that energy data can be exchanged safely between stakeholders. This level of protection is essential for the secure digitalisation of energy systems that Careto stressed in his speech.

Addressing cybersecurity challenges

The opening session of the forum, led by Monika Zsigri from the European Commission’s DG ENER, underscored three critical pillars for a cyber-secure European energy system: effective implementation of cybersecurity measures, cooperation among all stakeholders, and finding a balance between security needs and costs. Zsigri pointed out that while more flexible and renewable energy systems are key to Europe’s energy future, they also increase the attached surface for potential cyber threats. Protecting this critical infrastructure is therefore more important than ever.

These insights reinforce the need for secure data handling in the energy sector. Within DATA CELLAR, the platform facilitates cooperation between energy players, from local communities to larger authorities, by providing a secure and trusted environment. The project’s focus on encryption, user authentication, and secure access ensures that all participants, whether data providers or service consumers, can safely engage with energy data while also compliant with EU standards like GDPR.

Risk management and cooperation

The forum followed with a panel discussion on implementing new cybersecurity legislation providing insights into the complex regulatory landscape facing Europe’s energy sector. Felipe Castro Barrigon from the European Commission’s DG ENER highlighted the need for risk assessments that are both robust and sector-specific. Legislation like the Cyber Resilience Act and Cyber Solidarity Act aims to ensure that energy systems are protected, but cooperation between regulators and operators is essential to avoid duplication of effort.

DATA CELLAR has prioritised compliance with national and EU regulations on cybersecurity and data privacy. By leveraging risk management techniques and aligning with Europe’s legal framework, the project ensures that its energy data space remains secure, efficient, and capable of supporting Local Energy Communities across the continent. The emphasis on information sharing during the forum reflects our commitment to fostering a cooperative, secure environment where data can be exchanged safely and efficiently.

The role of Artificial Intelligence

Artificial Intelligence (AI) emerged as a key topic during the forum, with José Ferrari Careto cautioning that AI could be used as a powerful weapon for both attack and defense in the cybersecurity domain. The speed at which malicious actors are adopting AI for cyberattacks often outpaces the ability of defenders to react. This presents a growing risk for energy systems, where AI-driven technologies are increasingly used to optimise operations and enhance decision-making.

 

By integrating encryption, user authentication, and a strong risk management framework, DATA CELLAR is well-positioned to address the cybersecurity challenges highlighted during the forum. The project’s focus on cooperation, compliance, and cutting-edge technology reflects the very priorities that Europe’s energy sector must embrace to remain resilient in the face of rising digital threats.