Energy Digitalisation Taskforce (EDiT) report puts security and resilience at the heart of the UK energy sector’s future

The digitalisation and decarbonisation of the energy sector is driving exciting innovations and creating new business models. But the successful adoption of these technologies and new ways of working relies on the trust that services will continue to be delivered securely. More than ever, governments and regulatory bodies are embedding security and resilience obligations within regulation to enable safe digitalisation at scale.

In the UK, the latest step toward a safe and secure future energy system comes this week with the publication of an independent report by the government-sponsored Energy Digitalisation Taskforce (EDiT). The report urges the energy industry to adopt digital security measures, including:

  • Reviewing cyber security protocols and ensure they ‘excel at the basics’.
  • Mapping cascade effects of system security zones.
  • Increasing the frequency of regular penetration testing.
  • Adopting zero trust and least privilege when it comes to interactions between systems, processes and people.

In addition, the report suggests that the UK Government and Energy Regulator should take the following steps as they develop a regulatory framework for securing the UK energy system:

  • Foster a culture of transparency and enhanced disclosure for cyber security risks.
  • Embed zero trust and least privilege throughout the sector through standards and regulation.
  • Create a ‘Red Team’ within regulatory entities.
  • Introduce minimum security standards and provision for easy software and firmware upgrades.
  • Ensure there is sufficient legal protection for external researchers that discover cyber security issues.

Charly Davis, Head of Industrials at NCC Group, said: “Security and resilience is a key enabler of a digitalised, decarbonised energy system, and it is great to see recognition of this in a government-backed report.

We are also delighted that the important role of cyber security researchers in protecting the UK’s critical national infrastructure has been recognised and couldn’t agree more with that legal protection is required for those that discover vulnerabilities. We look forward to seeing how the UK Government plans to take these recommendations forward, including as part of its ongoing review of the energy sector’s regulatory framework and NIS regulations.

“The practical steps set out by the Taskforce will help to ensure that energy firms’ systems are secure. Organisations will also need to understand how regulation might evolve in the near future, and whether this is likely to affect them, in order to prepare.”

Read the full EDiT report – ‘Delivering a Digitalised Energy System’ here.

  • Increasing the frequency of regular penetration testing.
  • Source:

    Donovan Larsen

    Donovan is a columnist and associate editor at the Dark News. He has written on everything from the politics to diversity issues in the workplace.

    Related Articles

    Leave a Reply

    Your email address will not be published. Required fields are marked *

    Back to top button