Sara Skärhem
Senior Projektledare
Contact Sara
Why cybersecurity in the power grid is crucial
Connected energy units, smart grids and digital control systems create efficiency but also new areas of vulnerability. A cyberattack on the electricity grid can lead to power outages, financial losses and weakened confidence in the energy system.
For energy companies, property companies and municipalities, it is becoming increasingly important to have control over cyber security risks – not least in light of the EU's upcoming NIS2 directive, which imposes stricter requirements on systematic cyber security work.
Most things are connected to the internet today, which opens up our electricity system to cyber attacks. There is a general need to increase awareness and knowledge of cyber security; it is important to understand the challenges posed by connected energy devices, for example.
What needs to be done?
Creating a robust energy system requires efforts on several levels. It involves identifying and mapping the specific risks that exist in the electricity grid. It also involves raising awareness and embedding cybersecurity issues broadly in the organisations that manage our energy supply. Furthermore, network operators need tools to prioritise the right protective measures where they are most effective, and decision-makers need to promote cyber-secure technology, processes and methods.
By working systematically with these issues, we can prevent cyber incidents, reduce the financial losses caused by attacks and increase security for both network operators and other market players. In the long term, this will contribute to an energy system that can cope with both current and future threats – and that strengthens Sweden's and the EU's goals for a secure energy supply.
A framework for enhanced cyber security
The GridSecure project brings together different methods in a common framework to strengthen both security and resilience in electricity grids and works in three main areas:
In the area of risk assessment and standardisation, we have mapped current methods, identified gaps and developed a proposed method for mapping cyber security risks in electricity grids.
For systematic cybersecurity work, we focus on increasing knowledge at many levels and in many areas, with broad support within the operations – something that becomes particularly important when energy companies, property companies and municipalities have to meet the requirements of the NIS2 Directive.
Through simulations of fake data attacks on Nordic electricity markets, we have also developed a decision support tool for market optimisation and data integrity. This helps network operators prioritise the right protective measures and use their resources where they make the most difference.
GridSecure strengthens RISE support for the energy sector and helps build the resilience needed for a secure and reliable energy system – today and in the future.
