The European Commission (“Commission”) has published a Recommendation on cybersecurity in the energy sector (“Recommendation”). The Recommendation builds on recent EU legislation in this area, including the NIS Directive and EU Cybersecurity Act (see our posts here and here). It sets out guidance to achieve a higher level of cybersecurity taking into account specific characteristics of the energy sector, including the use of legacy technology and interdependent systems across borders.
This Recommendation sets out the main issues related to cybersecurity in the energy sector and identifies actions to enhance cybersecurity preparedness. The Commission calls on Member States to encourage industry stakeholders to build up knowledge and skills related to cybersecurity and, where appropriate, to include these considerations into their national cybersecurity framework (e.g., through strategies, laws, regulations and other administrative provisions). Continue Reading