Landis+Gyr | Blog | René Krause

Hands down, by now there are probably a trillion articles offering advice on how to “get ready for NIS2” (just do a search in your search engine of choice). Some contain sensible tips, most simply re-list the requirements of the updated Network and Information Security directive and leave the reader in limbo.

Still, even just 1.5 months away from the EU's NIS2 directive turning into national law, many customers in the electrical sector we speak to have difficulties getting their heads around the full impact of NIS2. In particular, the extension of thorough cybersecurity to the OT networks of their grid infrastructure causes headaches. For many electric and multi-utilities this is still new territory with many blind spots and unknown challenges.

The NIS2 directive requires owners and operators of electric and multi-utilities to include their OT networks in risk management procedures and risk analysis. The target is to determine the risk exposure of their critical processes and define appropriate mitigation measures. And this is for good reason, as the results of our vulnerability assessments at IOUs, municipal as well as public utilities highlight.

Energy companies are under pressure from all sides when it comes to the cyber security of their critical infrastructure. The spiraling skills gap is set against an increasingly dynamic risk landscape and more far-reaching legislation. Nevertheless, companies must quickly find ways to set up their own operational technology (OT) security expertise.

Landis+Gyr Blog

René Krause

Three steps for electric utilities to get ahead of NIS2 in 60 days

The Top 10 OT Risks in Multi-Utilities Identified

Maintaining OT Security under NIS2: Strategies for Businesses without In-House Expertise

Posts by Topic

Popular Articles

Recent Articles

Resources

Information

Contact