Developing Novel Solutions to Realise the EE-ISAC
For more effective decision making in preparation for and response to cyberevents in the energy sector, multilevel situation awareness, from technical to strategic is essential. With an uncertain picture of evolving threats, sharing of the latest cybersecurity knowledge among all sector stakeholders can inform and improve decisions and responses. This paper describes two novel solutions proposed during the formation of the EE-ISAC to build situation awareness and support information sharing. The development of EE-ISAC towards regular information sharing among members is described. This demonstrates the foundations achieved so far upon which a situation awareness network can be built for the energy sector.
Rafal Leszczyna, Tania Wallis, Michal R. Wrobel (2019)
Cyber Security Risk Management for Digitalized Energy Systems: Challenges & Solutions
The challenges and solutions of cyber security risk management for digitalised energy systems are presented and discussed in EE-ISAC’s white paper (2018). Developed by members who are lead researchers selected from academia and the sector’s solution providers, it gives an ultimate overview of standards and methodologies and that can be taken as the cutting edge for experts who are designing advanced threat identification and analysis in their companies. The tools and methods described here can offer a useful vision to work towards and contribute to more effective management of risks for the energy sector.
Massimo Rocca, Stefan Schauer, Paul Smith, Reinder Wolthuis (2018)
MISP & Threat Intelligence
EE-ISAC uses the Malware Information Sharing Platform (MISP) for the detection analysis and subsequent phases of incident handling. MISP is focused on sharing information that is related to specific issues in quasi-real-time, enforcing the need for proactivity. MISP identifies particular threats artefacts and recognises malicious activities.
Incident Analysis & Response
EE-ISAC aims to help utilities improve their resilience to cyber attacks by enabling information sharing and improving cybersecurity awareness across the energy sector. EE-ISAC gathers a synthesis of experience from their membership to offer some useful guidance, especially to assist smaller businesses to prepare and respond adequately to cyber incidents.