The European Network and Information Security Agency (ENISA) has released a new study called “Smart Grid Security – Recommendations for Europe and Members States.” The paper highlights the measures that should be instated to ensure a secure roll-out of smart grids.
Before revealing the recommendations, let’s take a quick look at smart grids.
Smart grids are the modern version of electricity networks. The two-way digital communication system integrated into them allows for a more efficient distribution and control of energy, bringing great benefits for the industry and society in general.
However, since they depend on computer networks, they bring with them cyber security risks that could have a devastating impact if not addressed properly.
That is why ENISA recommends that the European Commission and members states of the European Union develop a regulatory and policy framework on smart grid cyber security.
For this, the agency encourages member states to create public-private partnerships to coordinate cyber security initiatives.
Awareness raising on security issues, training programs, testing facilities, and knowledge sharing are all part of the recommendations made by the organization.
ENISA believes that a minimum set of security measures should be created based on standards and guidelines that are already available.
Furthermore, CERTs should also become involved in cyber security issues that could have an impact on power grids.
Also, existing studies should be put to good use by competent authorities and representatives of the academic sector in an attempt to foster research on smart grid security.
“Our study shows that the two ‘separate worlds’ of the energy sector versus the IT security sector must be aligned on security for smart grids,” Professor Udo Helmbrecht, executive director of ENISA, explained.
“We estimate that without taking cyber security into serious consideration, smart grids may evolve in an uncoordinated manner. I would therefore suggest that smart grids’ security be made part of the EU’s forthcoming Internet Security Strategy.”
The complete report is available here