are and how the hackers operate; then what to do and how to take
care of the situation. We do red team/blue team training for companies
using operational technology, such as SCADA systems, hands-on
training in real situations where you can practice. Now, bringing it to
the next level, we will be able to do simulations and create normative
training programs. We’re in a collaboration with the Technical University
of Delft and are about to create a consortium; submission of proposals
is due for 24 August.
Q:What does ENCS already do to enhance Europe’s cybersecurity?
A: ENCS has four pillars: training, collaborative projects, testing and
information and knowledge sharing.
Education and training is one of four ‘pillars’ where we develop
knowledge and capabilities for what we call collaborative projects:
identifying common needs of our members and then creating, in
collaboration with them, concrete solutions that they can deploy. You
could call it consulting, although it’s not the typical type. Then we do
testing to establish security requirements: what does it mean for a system
to be secure or ‘secure enough’, and how can you independently
validate it through testing? Then the most important pillar is information
and knowledge sharing. How amongst the community can you
establish ways to share real vulnerabilities? How can we work with the
industry to help address the issues faster than we do today?
Manufacturers come to us to say, ‘We have these security
requirements; could you please help us address them in the right
way?’ This is the standardization part that we do, which will also impact
systems like substations and monitoring. We will be teaming with
ENTSO-E on this one.
When it comes to regulations and standards, our activities follow
on the European Commission’s Directive on security of network and
information systems (NIS directive), which is an EU-wide regulation
that must be converted by member states into national law by 2018.
It specifes a duty to take appropriate technological and operational
measures and an obligation to report incidents. This is something that is
being prepared now and by various member states.
To fnd the best practices that you have to look into to address this
requirement, we collaborate and team up with DSOs and TSOs, in The
Netherlands for instance. There is a cybersecurity experts’ group within
the European Commission’s Smart Grid Task Force, which is also looking
into further regulatory aspects of the NIS directive and whether some
topics require additional regulation. Here also we are working with the
specialists from the TSOs and ENTSO-E to bring in expertise from the
security and network side.
Q: Is cybersecurity for power networks an urgent requirement?
A: If we go back to 2012, when I started to challenge people in critical
Improve Efficiency and Performance with
Engineered Bearings and Seals
Control vibrations and shift
critical speeds with ISFD®
technology, an integral
squeeze flm damper.
Minimize leakage gaps with
custom and reverse engineered
brush seal solutions.
Optimized Bearing Designs
Reduce power loss, increase
load capacity and achieve
superior dynamic performance
with specialized thrust and
journal bearings. Choose Waukesha Bearings® for performance you can trust.