What the New Cybersecurity Network Code Means for European Utilities

In January 2022, the European Network of Transmission System Operators for Electricity (ENTSO-E) announced the details of its new cybersecurity code. The Network Code on Cybersecurity (NCCS) is the first network code that will be developed according to the new rules established by the European Union on the internal market for electricity and is expected to enter into force by January 2024. The network code aims to set a European standard for the cybersecurity of cross-border electricity flows. It focuses on improving cybersecurity resilience through the enhancement of threat decision and incident reporting and proposes various measures to improve cybersecurity resilience that are essential to preserving the continuity of the services.

Guidehouse experts have created a fact sheet providing an overview on the proposed regulations, summarizing some of the most pressing considerations into six key focus areas, such as identifying the impact level, conducting a gap analysis, utilizing an established cybersecurity framework, focusing on supply chain security, conducting risk assessments, as well as managing and reporting incidents.

“Guidehouse’s Cybersecurity team and our Energy, Sustainability, and Infrastructure team promote and foster the effective security practices integrated with operational and compliance goals,” adds the paper. “Our experts help energy companies and utilities conduct cybersecurity assessments, harden security, streamline compliance, and increase resilience — so they are prepared for any threats the future has in store for them.”