EU Cybersecurity Forum: Energy grids & cyber resilience

Europe’s pioneering energy and cybersecurity organisations – The Association of European Distribution System Operators (E.DSO), the European Energy Information Sharing and Analysis Centre (EE-ISAC), the European Network for Cyber Security (ENCS), and the European Union Agency for Cybersecurity (ENISA) – hosted the 8th Cybersecurity Forum in Brussels, a high-level event addressing the continent’s evolving power grid security challenges.

Bringing together more than 200 participants from the European Commission, national regulators, DSOs and TSOs, and the wider energy and cybersecurity community, the Forum provided a platform to discuss how new EU frameworks – including the NIS2 Directive, Network Code on Cybersecurity (NCCS) and Cyber Resilience Act (CRA) – are reshaping the way Europe secures its increasingly digital and decentralised grids.

How security gaps in common consumer-energy technologies

Representatives from the Forum Partners, Charles Esser, Secretary General at E.DSO, Aurelio Blanquet, Secretary General at EE-ISAC, Anjos Nijk, Managing Director at ENCS and Dimitra Liveri, Head of Resilience of Critical Sectors Unit at ENISA welcomed the participants, followed by Rémy Garaude-Verdier, European Affairs Director at Enedis and E.DSO Board member/Chair of its Technology & Knowledge Sharing Committee, who emphasised the urgent need for collective action to secure Europe’s digital and interconnected electricity grids: “Keep one idea in mind: if the grid is a nervous system, our routines are its reflexes”.

Discussions focused on translating regulation into real-world protection. A live demonstration by ENCS exposed how security gaps in common consumer-energy technologies – including EV chargers, PV inverters and home batteries – could be exploited to disrupt power systems. Experts agreed that as these devices scale to hundreds of gigawatts of controllable capacity by 2030, cybersecurity must be integrated from design to deployment.

Threat of cybersecurity

Representing the European Commission, Fabrice Comptour, Cyber Defence Coordinator at DG CONNECT, highlighted that Europe’s clean-energy transition brings new vulnerabilities alongside new opportunities. He stressed that: “Cybersecurity is not only a box to tick or a programme, but a mindset or even a mission”.

Veli-Pekka Saajo, Deputy Director General at Energiavirasto; Vice President at CEER, continued saying: “The threat of cybersecurity is complex, and it is challenging energy markets, national politics and different sectors, so there is a need to break the silos to become more effective”.

Risk management and response

Two panel sessions examined how Europe can harmonise standards, improve information sharing and strengthen coordination between operators, regulators and suppliers. Speakers from the European Commission, World Bank, ENISA, CEN/CENELEC, SolarPower Europe and EASE underlined the need for a common approach to risk management and response.

Michaela Kollau, Policy Officer at DG Energy, closed the 8th Cybersecurity Forum with a key message: “The resilience of European energy grids depends on a shared commitment to implement current legislation and best practices in cybersecurity in energy”.