ENISA is contributing in strengthening the cybersecurity of the EU's energy infrastructure and safeguarding critical operations.
Energy and telecommunications infrastructures are among the most critical components of modern society. The increasing reliance on ICT has elevated the importance of energy infrastructure. Disruptions in the electricity network, particularly those lasting for extended periods, can have profound societal impacts, triggering cascading effects across various sectors. Many of these disruptions are entirely unexpected.
ENISA collaborates with key stakeholders in energy policy-making and implementation to foster effective collaboration and harmonize best cybersecurity practices. In recent years, ENISA has closely partnered with the EU Commission at a technical level, supporting the NIS Cooperation Group's energy work stream by providing training and sharing sector-specific situational reports with cybersecurity authorities in the energy sector. Additionally, the Agency works with the EU Commission to conduct risk evaluations and develop risk scenarios from a cybersecurity perspective, addressing potential threats or attacks against Member States or partner countries.
Beyond its pivotal role in NIS2 implementation, ENISA significantly contributes to the electricity network code by offering expertise in areas such as risk assessment, incident response, and benchmarking. It assists in developing cybersecurity guidelines and collaborates with key energy stakeholders, including the European Network of Transmission System Operators for Electricity (ENTSO-E), the European Network of Transmission System Operators for Gas (ENTSO-G), the EU Distribution System Operators (EU DSO) entity, the EU Commission, and the Agency for the Cooperation of Energy Regulators (ACER).
ENISA also engages with the industry by sharing situational information with ENTSO-E, the EU DSO entity, ENTSO-G, and the EU Commission. In collaboration with these stakeholders, the Agency developed and launched an awareness-raising campaign targeting the energy sector and promoted the 'Awareness Raising in a Box' initiative to the energy cybersecurity community. Furthermore, ENISA is a founding member of the European Energy ISAC (EE-ISAC) and supports it by sharing situational information and by providing strategic guidance.
Finally, in close collaboration with stakeholders from both the public and private sectors, ENISA has published technical papers and recommendations. These include ENISA's technical papers on smart grid cybersecurity, power sector dependencies on time services, cybersecurity information sharing in the energy sector, and the security of industrial control systems (ICS and SCADA).