Mondo Visione Worldwide Financial Markets Intelligence
Track all markets on TradingView

FTSE Mondo Visione Exchanges Index:

BT_Radianz_468x60_Jul23

ACER Issues A Guide On Benchmarking Cybersecurity Investments In The EU Electricity Sector

Date 13/06/2025

ACER issues today its guide on benchmarking the costs and effectiveness of cybersecurity investments in the EU electricity sector.

This ACER guide is developed under the binding EU-wide network code on sector-specific rules for cybersecurity aspects of cross-border electricity flows. It aims to help national energy regulators conduct the benchmarking required by the network code.

Why is this benchmarking important?

Conducting benchmarking of cybersecurity investments will provide national regulatory authorities with an overview of:

  • the costs of implementing cybersecurity controls, as well as their effectiveness and efficiency;
  • prices of cybersecurity services, systems and products;
  • the level of comparability of costs and functions of cybersecurity products and services. This analysis will also help identify possible opportunities to increase spending efficiency.

This will be the first EU-wide analysis on the topic.

What does ACER recommend?

ACER encourages national regulators to follow ten principles when conducting this benchmarking:

  • Plan and execute benchmarking activities to ensure results can serve their intended purpose.
  • Limit the scope and complexity of information to what is required by the benchmarking analysis.
  • Use a consistent approach when conducting national analyses.
  • Identify the stakeholders that will provide the data required by the benchmarking.
  • Develop reference lists of items for the purpose of benchmarking. For example, considering assets that are relevant for Union-wide high and critical impact processes.
  • Apply general accounting principles to assess the costs of benchmarked items.
  • Include macroeconomic factors (e.g. inflation) in the analysis.
  • Simplify how the effectiveness of investments is evaluated, considering this benchmarking assessment does not require the same level of detail as security assessments.
  • Evaluate the effectiveness of cybersecurity investments following the benchmarking objectives of the network code.
  • Explore different approaches for comparing the costs and functions of cybersecurity products and services.

What’s next?

From today’s publication, national regulatory authorities have one year to carry out the cybersecurity benchmarking analysis.

Access the ACER guide.

Confinity_sky1-min.gif BT_Radianz_120x600_Jul23.jpg