Intellisub

Intellisub Europe 2018

10-12 April 2018 in Dusseldorf, Germany.

The 5th annual IntelliSub Europe 2018 draws together 120+ utility substation asset management, engineering, operations & maintenance, and cyber-security professionals for 3 intensive days of digital substation implementation reviews.

Through a series of case-study presentations leading utilities reveal how they are making their investment decisions, technology choices, and implementation plans to drive the cost-effective deployment of next generation digital substations.

Days 1 & 2 focus on the investment drivers, new system architectures, and operations and maintenance approaches for new and refurbished substations in HV, MV and LV networks. Whilst the third day deep-dives into cyber-physical security considerations for next generation substations particularly in the context of IoT and cloud enabled systems, integrated with self-learning and self-healing capabilities.

On April 12th, EE-ISAC's member Security Matters will be leading a workshop on cybersecurity, joined by fellow EE-ISAC members Enel, AIT, Applied Risk, Accenture, and Brandenburg University.

For more information, please click here.

Cooperative models for ISACs

Cooperative models for ISACs

By ENISA

Information Sharing and Analysis Centres (ISACs) are non-profit organizations that provide a central resource for gathering information on cyber threats (in many cases to critical infrastructure) as well as allow two-way sharing of information between the private and the public sector. ISACs have created communities within the private sector. They could be oriented on a specific critical sector (e.g. finance, energy, health) or serve as a focal point on the national level to gather information about cyber incidents and analyse it.

Collaboration is a common objective of every European national cyber security strategy. Collaboration to enhance cyber security at all different levels i.e. information on threats sharing, awareness raising can be achieved in two formal structures: The Information Sharing and Analysis Centers (ISAC) and Public Private Partnerships (PPP). This year ENISA has conducted a study on Cooperative Models for Public Private Partnership (PPPs) and Information Sharing and Analysis Centers (ISACs), collating information on best practices and common approaches.

European ISACs are concentrated on building partnerships and trust between members. They are largely industrydriven, but governmental support is expected – not in terms of funding, but rather in facilitating functions (secretariat) and offering professional knowledge (fighting cybercrime, sharing information relevant for the industry). Participation of governmental bodies gives the ISAC an increased formality and also corroborates the public sector’s respect of industry needs and supports it in facing new challenges (e.g. NIS Directive and GDPR implementation).

For the full report, click here.

EE-ISAC at OECD Going Digital

The EE-ISAC was invited by OECD to partake to the Workshops on Digital Security and Resilience in Critical Infrastructure and Essential Services in Paris on February 15th and 16th.

On behalf of EE-ISAC, Johan Rambi (Board Member) joined the panel of Digital Security Risks to Government and Public Services to disseminate best practices on international collaboration and public-private partnerships (PPP). Specifically, EE-ISAC was able to contribute to governments under threat by showcasing best practices of how private companies are able to contribute to the discussion of cybersecurity. In addition, cross-national collaborations can help individual governments prepare and, even in some cases, prevent for cyber attacks on energy.

On the panel focusing on cybersecurity across various sectors, Mr Rambi was joined by Steve Casapulla (Acting Branch Chief for International Affairs, Office for Cybersecurity and Communications, Department of Homeland Security (US)) and Chaetae Im (Senior Researcher at Korea Internet & Security Agency, Korea Internet Security Centre). The panel was introduced by Jack Radisch (Senior Project Manager, OECD High Level Risk Forum) and was moderated by Stephen Davies (Strategic Technology Partners, Fireye). 

About the OECD: The Organisation for Economic Co-operation and Development (OECD) provides a forum in which governments can work together to share experiences and seek solutions to common problems. The OECD works with governments to understand what drives economic, social and environmental change. More about OECD Going Digital.

 

Introduction to the concept of Hybrid Threats

 

Georgios Giannopoulos (Scientific Officer, European Commission, DG Joint Research Centre) will be speaking at the EE-ISAC Expert Seminar on 7 September. He will provide us with an introduction to the concept of Hybrid Threats.

Hybrid Threats

Hybrid Threats can be defined as a mixture of coercive and subversive activities, conventional and unconventional methods (i.e. diplomatic, military, economic, technological), which can be used in a coordinated manner by state or non-state actors to achieve specific objectives while remaining below the threshold of formally declared warfare. Hybrid Threats also are a hot issue within the EU and critical infrastructures (including energy) have a central role in this field.

Framework for Industrial and Automation Control Systems

Furthermore, the work that the DG Joint Research Centre (JRC) is conducting towards a certification framework for Industrial and Automation Control Systems will be presented. This work is part of the support that the JRC provides to Directorate‑General for Communications Networks, Content and Technology (DG CONNECT) and it is particularly relevant to the recently adopted NIS Directive. Finally, an update on the Incident and Threat Information Sharing EU Centre (ITIS-EUC) will be provided.

TNCEIP

The EE-ISAC Expert Meeting is organized in collaboration with the Thematic Network on Critical Energy Infrastructure Protection (TNCEIP). TNCEIP is an initiative by DG ENER and supported by DG JRC. The aim of this network is to connect electricity, oil and gas operators and also transmission & distribution companies to

EE-ISAC and TNCEIP are welcoming European utilities to join this free-to-attend seminar on trusted cyber security information sharing within the European energy landscape. Click here for more information about the seminar.

 

Accomplishing a mature cyber security culture: how to empower employees as your First Line of Defense?

 

Like any other grid operator, EDP Distribuição has the responsibility to protect its critical energy infrastructure. What can we learn from their strong focus cultural change?

EDP strongly believes that it can only be successful if it fosters and elevates both cyber security and data protection from a merely technical challenge to an overall organization objective, achieved through a deep cultural change and a general understanding of what is at stake.

 

Top-down commitment & common values

To accomplish such a mature cyber security culture, EDP aims to ensure a top down commitment and establish common values and behaviors by continuously improving security awareness and training.

Therefore, EDP has established a Cyber Security cultural shifting program assuring that its employees are the first line of defense against cyber threats. The program encompasses different training and/or awareness initiatives considering the specificities of the various target audiences.

 

Presentation at EE-ISAC Expert Meeting (7 September, Athens)

Aurélio Blanquet (Director of Automation and Telecommunications) & Nuno Medeiros (Head of OT Cyber Security) will be sharing their vision and explain how EDP:

  • is empowering its employees as the First Line of Defense
  • using their Training and Awareness Program on Cyber Security of Critical Information Infrastructure (CII)
  • enhancing its cyber resilience with the Cyber Range Platform

On behalf of all EE-ISAC Members, EDP Distribuição is welcoming European utilities to join this free-to-attend seminar on trusted cyber security information sharing within the European energy landscape. Click here for more information about the seminar, including the session in collaboration with TNCEIP and the afternoon session with a country focus on Greece.

 

Please note: registration is open to utilities only. 

 

 

Pages