In 2017, under the leadership of director Aurélio Blanquet, EDP Distribuição joined the European Network for Cyber Security (ENCS). Now, Blanquet has been elected Chair of the ENCS Assembly Committee. Here, he talks about his new role and the state of cybersecurity across the European energy sector.
EDP Distribuição has been a member of ENCS for a few years now. What made you take the step to become Chairman of the Assembly Committee?
We joined ENCS originally because it was an organisation playing a central role in cybersecurity for Europe’s grid operators, at a time when there simply wasn’t enough focus on the issue. Since then, there has been more attention paid to cybersecurity, however ENCS has continued to lead the thinking.
Not only does ENCS help us as an individual member, it is a European voice for grid operators when it comes to cyber security – both for DSOs and TSOs. I firmly believe that the future is digital, and cybersecurity is the most critical issue for us to allow that future to happen.
So, my primary motivation in becoming Chair was to do what I could to continue that leadership role and continue those benefits for members. ENCS is a community of members, but through that community we also work with important associations such as EDSO, ENTSO-E and EUTC, as well as the European Commission. Together, we are all stakeholders with a common goal of achieving a more secure European energy grid, and this opportunity allows me to help continue and deepen that cooperation.
My secondary motivation, on a more personal note, was that I felt very strong support from other members. This encouraged me to step forward and support the ENCS general management and to continue the excellent work done by my predecessor, the previous Chair, Walter van Boven . This support carried into the election and I’m very proud to take this position.
What are your priorities as the new Chairman? What will the role involve for you?
For me, there are two main priorities I want to support ENCS with. The first is to continue to broaden the member base. As an organisation that thrives on information and knowledge sharing, the larger we are, the more effective we can be. It is also important, in an interconnected system like the European power grid, to cover as much of it as possible. ENCS is already the cybersecurity voice for European DSOs and TSOs and it must speak for as many in the sector as possible.
The second priority to my mind is to keep ENCS tightly aligned with its strategic goals and continue to deliver value to members. Specifically, I want to work to assure that ENCS remains independent and focused on grid operators’ needs. This is one of the core strengths of the network versus other associations – that it is independent and fully owned by grid operators. We must work to protect that unique advantage.
Reflecting on progress in the smart grid cybersecurity sector since EDP Distribuição joined ENCS in 2017, what are the main developments and how well has the sector done?
I think it has been a very positive couple of years – very solid progress. Within ENCS, we have contributed to member projects developing things like security requirements for distribution automation systems. Stressing the importance of harmonization of security requirements and testing driven by the grid operator community, ENCS has created a lot of content and resources that are quite important and useful for smaller DSOs and we aim to expand collaboration here.
We’ve also seen a mindset shift towards end-to-end security and risk management, and a growing awareness of the importance of information and knowledge sharing. The market has also started to deliver security analytics platforms, indicating that the sector is waking up to not just the challenges, but the opportunities of building a secure grid.
But there’s still a lot to do. Partly because security is a never-ending game; as threats evolve, we must too. And partly because there is still a lot of work that hasn’t been done yet – for example, we are working on current ENCS member projects such as information security management standards, among others. The future is built on the past, and a secure grid will be built on this work we’ve done and are doing now.
What are the biggest security challenges for the energy sector in the near future?
One big challenge is to not just continue collaboration within the sector, but to deepen it. Only by working together will utilities be able to stand up to the cyber security threat. We must be able to share both problems and solutions, and to set common goals for common challenges.
This is even more important in light of the other challenge I wanted to highlight: the skills gap. There isn’t enough security expertise to go around in the European energy sector. So, we have to identify and nourish more of this talent, attracting, developing and retaining it so that the industry has the security knowledge it needs.
In the meantime, the skills gap underlines the importance of cooperation: if we have limited resources, it’s important to deploy them in the smartest way possible to solve the right problems and provide the right solutions. We cannot afford for different teams to all be doing the same things in different pockets of Europe, we must coordinate for best effect. As a unifying element that helps achieve a strategic consensus from its members, ENCS has been central to that and will continue to be so.
After all, cybersecurity is the single most critical issue we need to face when we talk about digital transformation. You can talk about electric vehicles and prosumers and all these exciting things, but none of it will count for anything if we don’t get the security right. ENCS can be the security organisation for European grid operators and is a very viable route to help achieve that – which is why I’m looking forward to serving as Chair for the Assembly Committee.
The latest trends and technologies in cybersecurity will be spotlighted at European Utility Week and POWERGEN Europe in Paris later this year. EDP Distribuição will also be exhibiting at European Utility Week. Click here for details.