Cyber security remains in the public eye this year with multiple incidents and vulnerabilities reported. Energy companies are developing and updating their cyber security response plans to reflect the increased legal, operational and technical risks they are facing.
The evolution of the threat has not escaped the attention of governments around the world. 2018 will see the implementation of the Network and Information Security Directive (NISD) as well as the General Data Protection Regulation (GDPR) in the EU. The NISD, which is coming into force in May, will require energy companies to ensure that their network and information systems meet minimum standards of cyber security. In the UK, the National Cyber Security Centre (NCSC) has recently issued detailed guidance on the compliance requirements of NISD.