Today, the EU Agency for the Cooperation of Energy Regulators (ACER) has published its non-binding Framework Guideline on sector-specific rules for cybersecurity aspects of cross-border electricity flows.
What is the Framework Guideline about?
The Framework Guideline provides high-level principles for the development of a binding Cybersecurity Network Code that will further contribute to maintaining the security and resilience of the electricity system across Europe.
The Framework Guideline covers various security-related topics, such as:
- governance
- cross-border risk assessment & management
- a common electricity cybersecurity framework
- information sharing and essential information flows
- incident handling and crisis management (including data collection)
- an electricity cybersecurity exercise framework
- protection of information exchange in the context of data processing
- monitoring, benchmarking and reporting
What are the next steps?
ACER has now submitted the non-binding Framework Guideline to the European Commission.
As a next step, a specific drafting committee for the cooperation of ENTSO-E and the EU DSO entity will prepare a network code’s proposal based on the ACER Framework Guidelines.
ACER will then revise the proposed network code to ensure compliance with its Framework Guideline and that it does not hamper market integration, nor the market’s efficient functioning. ACER shall submit the revised network code to the European Commission within six-months.
Find out more about the Framework Guideline and the journey towards a Network Code on Cybersecurity.