Overview and Improvement of Procedures and Practices of Electricity Transmission System Operators in South East Europe to Mitigate Cybersecurity Threats

Abstract

<jats:p>The implementation of information and communication technologies (ICT) in power systems increases the risks of cybersecurity threats, requiring protection measures that should reflect the multi-actor environment of the contemporary power systems. This paper provides a critical assessment of the cybersecurity practices of the transmission system operators (TSOs) from South East Europe (SEE) and the implementation of obligations for TSOs emerging from the complex set of cybersecurity and electricity legislation. The analyses of TSO cybersecurity practices are based on a survey conducted with the TSOs from SEE and show there is a lack of consistent cybersecurity policy at the TSO level. These analyses demonstrate that the differences between TSOs from the SEE region are not very significant with regards to implementation of technical protection and defense measures for critical infrastructures (CIs) and assets. The comprehensive analyses of electricity and cybersecurity legislation uncover the obligations of TSOs emerging from legislation and relate them to current TSO cybersecurity practices, confirming the necessity to boost existing practices. Considering the analyzed legislation and implemented practices, this paper presents a proposal for a cybersecurity framework for TSOs that should improve their organizational and operational response to the evolving cybersecurity challenges.</jats:p>