Cyber security remains in the public eye this year with multiple incidents and vulnerabilities reported. Energy companies are developing and updating their cyber security response plans to reflect the increased legal, operational and technical risks they are facing.
The evolution of the threat has not escaped the attention of governments around the world. 2018 will see the implementation of the Network and Information Security Directive (NISD) as well as the General Data Protection Regulation (GDPR) in the EU. The NISD, which is coming into force in May, will require energy companies to ensure that their network and information systems meet minimum standards of cyber security. In the UK, the National Cyber Security Centre (NCSC) has recently issued detailed guidance on the compliance requirements of NISD.
The contents of this publication are for reference purposes only and may not be current as at the date of accessing this publication. They do not constitute legal advice and should not be relied upon as such. Specific legal advice about your specific circumstances should always be sought separately before taking any action based on this publication.
© Herbert Smith Freehills 2021