Ready for the European Resilient Cyber Security Single Market?

October 16, 2018 – The European Energy-Information Sharing & Analysis Center (EE-ISAC) has organized at the European Parliament its first conference titled “Ready for the European Resilient Cyber Security Single Market?” to debate with DG ENER, DG CNECT and EDSO for Smart Grids on the future of cybersecurity in the Energy sector. The conference has been conceived in the framework of the European Cyber Security Month (ECSM) to raise awareness on cyber threats, promote cyber security among citizens and organizations as well as resources to be protected online, through education and sharing of good practices.

During the conference the first EE-ISAC white paper on Cyber Security Risk has been presented as well as the multilateral agreement to be signed the day after with the US E-ISAC and Japanese E-ISAC in Las Vegas, and those recently signed with the Energy Analytic Security Exchange (EASE) and the Norwegian KraftCERT organization.

Massimo Rocca, the Chairman of the EE-ISAC, kicked off emphasizing how crucial it is to ensure that the sources we rely on are trustful and secure.

MEP Pilar de Castillo (EPP), the host of the event, has recommended that "digital and energy is a winning alliance. If we manage to guarantee the adequate level of security, we will, at the same time, give a necessary step to establishing a very powerful combination that will drive the competitiveness of the European economy to the next level in the context of the global market".

The message was further reinforced by all panelists. Jakub Boratyński from DG CNECT, noted that the EE-ISAC bottom-up approach which facilitates the monitoring on the lack of compliance is a terrific example of how ISACs should operate and reveals to be an important resource for the European Commission itself.

Michaela Kollau from DG ENER claimed “in cybersecurity fast cooperation is key, both among the relevant players and stakeholders and among all the European Union Member States by launching and promoting programs such as Horizon”.

In addition, Roberto Zangrandi from EDSO for Smart Grids, stresses the importance of digital safety for the citizens in the energy industry as well as in all digitalized sectors, as we are now moving from Corporate Social Responsibility to Digital Social Responsibility”. He urges a stronger cooperation between the main stakeholders and policy makers to formulate and conceive a “forward-looking regulation”.

About the EE-ISAC

It is an industry-driven, information sharing network of trust. Both private utilities and solution providers and (semi)public institutions such as academia, governmental and non-profit organizations share valuable information on cyber security and cyber resilience. The EE-ISAC is the result of the European research project DENSEK, which was realized with the financial support of the Prevention, Preparedness and Consequence Management of Terrorism and other Security-related Risks Programme, European Commission - Directorate-General Home Affairs.

For more information, please visit www.ee-isac.eu. For media inquiries, please contact pia@ianusgroup.com.  

Trilateral Memorandum of Understanding

The EE-ISAC is proud to announce the signing of a Trilateral Memorandum of Understanding with US E-ISAC and JE-ISAC on Wednesday, October 17, 2018 at GridSecCon 2018 in Las Vegas (US), to promote international collaboration and information sharing through public–private partnership.

Energy Analytic Security Exchange and European Energy-Information Sharing & Analysis Centre Form Intelligence Sharing Partnership

October 3, 2018- Energy Analytic Security Exchange (EASE) and European Energy-Information Sharing & Analysis Centre (EE-ISAC) have partnered to exchange international threat intelligence that will serve to further protect the global utilities sector.

EASE and EE-ISAC will share cybersecurity and physical security information on threats against the utilities sector to support the resilience of their members’ electric grids from attacks by nation-state actors, criminals and “hacktivists.”

“While geographically separated, these two organizations both support an industry that is committed to providing reliable energy to its customers,” said Cindy Donaldson, president of Global Resilience Federation, the parent company of EASE. “Our goal is to enhance the security and resilience of that industry and EE-ISAC is on the frontlines of defense against threat actors. It is a natural partner for us given the detail and scope of information with which we want to arm our members, in support of the greater good for the sector.”

EASE, developed at the request of industry, collects and shares information from members, vendors, government and other partners. With rapid turnaround, EASE analysts provide added investigation and analysis to enrich intelligence alerts on topics spanning IT and ICS/SCADA vulnerabilities, malware attacks, terrorist activity and other threats to energy companies and the electric grid. With its partners, EASE has shared thousands of timely and actionable alerts this year, and through its automated sharing platforms has access to millions of Indicators of Compromise that are parsed into nearly 200,000 industry-specific threat indicators every month.

The EE-ISAC, founded after a European CIPS project, is the successful result of multidisciplinary cooperation reached in Europe by private operators, vendors, academy and government agencies, with the mission to achieve resilience through information sharing. The 20+ members are actively working on cybersecurity of the energy systems and critical infrastructures protection by support for the development of a community through a collaboration. Activities include sharing information on the evolution of the threat to energy infrastructures and sharing of best practices and innovative initiatives in the context of the protection of networks and industrial systems. Lastly, the EE-ISAC is developing an automatic sharing tool on the threats affecting the operators.

Working together, the two intelligence sharing bodies will broaden visibility into threats against the industry and further the security of their constituent member companies.

###

Energy Analytic Security Exchange (EASE) is a private sector non-profit organization that brings together energy companies to collect, analyze and share cyber and physical threat intelligence for mutual defense. EASE works with members to analyze and mitigate risks in ways that complement companies’ own efforts; from tracking systems vulnerabilities to providing in depth reporting, EASE works to enrich security product. At its most tactical, EASE analysts evaluate and disseminate signatures and indicators. At a strategic level, EASE provides reports to CSOs and CISOs while sharing cross-sector intelligence in a multi-industry defensive network of more than 7,000 organizations. Intelligence is also drawn from other ISACs and ISAOs, CERTs, government partners, and private vendors that monitor the Dark Web and geopolitical events, among other issue areas. Learn more on the EASE website, by visiting @EnergyASE on Twitter or Energy Analytic Security Exchange (EASE) on LinkedIn. Inquiries may be directed to Patrick McGlone at pmcglone@grfederation.org.

EE-ISAC is an industry-driven, information sharing network of trust. Both private utilities and solution providers and (semi)public institutions such as academia, governmental and non-profit organizations share valuable information on cyber security and cyber resilience. The EE-ISAC is the result of the European research project DENSEK, which was realized with the financial support of the Prevention, Preparedness and Consequence Management of Terrorism and other Security-related Risks Programme, European Commission - Directorate-General Home Affairs. For more information, please visit www.ee-isac.eu. For media inquiries, please contact pia@ianusgroup.com.

5th Cyber & SCADA Security Forum for Power and Utilities Industry 2018

Take actions in strengthening your cyber defence, manage risks & vulnerabilities and ensure cyber resilience in today’s energy infrastructure.

“From the moment, we wake up in the morning to the sound of our alarm clocks until we turn off the lights at night, our daily activities are supported by a reliable operation of critical infrastructures. Critical Infrastructure systems (CIs) facilitate our communication, transportation, trade and financial transactions and last but not least, most of our comfort and entertainment. On a higher level our daily lives depend heavily on CI networks (such as energy, telecom, transportation, etc) as the lifelines of our economies and in effect our safety, health and prosperity.”

Cyber security attacks have rapidly increased in the power and utilities industry recently. It cause very harmful and tangible damage to businesses, not only in terms of financial losses, cyber espionage, but also in terms of damage to reputation.

5th Cyber & SCADA Security Forum for Power and Utilities Industry 2018 will gather senior decision-makers & experts from leading Power & Utility companies to exchange knowledge, challenges and experiences in an exclusive business - friendly environment. It is a great opportunity to brainstorm on how to improve cyber security resilience, strengthen cyber defences but remain compliant and maintain IT & information security cost-efficiency.

Participants will gain valuable insight from their industry peers and stay up-to-date with latest cyber security practices, policies and rules to protect energy infrastructure from cyber threats during face-to-face and networking sessions.

This Prospero event will address not only the main topics about SCADA and Cyber Security implementations featuring high-level experts in Cyber Security but also new trends, latest attack, ICS, IoT, NIS Directive, unknown side of cyber-attacks, Security aspects in 2017 on SCADA, TSO and EV (electric vehicles) cyber security and other emerging cyber security aspects within the power and utilities companies.

Contact: David Schkade davids@prosperoevents.com

Website: 5th Cyber & SCADA Security for Power and Utilities Industry, 26 – 28 September 2018, Amsterdam

Intellisub

Intellisub Europe 2018

10-12 April 2018 in Dusseldorf, Germany.

The 5th annual IntelliSub Europe 2018 draws together 120+ utility substation asset management, engineering, operations & maintenance, and cyber-security professionals for 3 intensive days of digital substation implementation reviews.

Through a series of case-study presentations leading utilities reveal how they are making their investment decisions, technology choices, and implementation plans to drive the cost-effective deployment of next generation digital substations.

Days 1 & 2 focus on the investment drivers, new system architectures, and operations and maintenance approaches for new and refurbished substations in HV, MV and LV networks. Whilst the third day deep-dives into cyber-physical security considerations for next generation substations particularly in the context of IoT and cloud enabled systems, integrated with self-learning and self-healing capabilities.

On April 12th, EE-ISAC's member Security Matters will be leading a workshop on cybersecurity, joined by fellow EE-ISAC members Enel, AIT, Applied Risk, Accenture, and Brandenburg University.

For more information, please click here.

Pages