LEGAL CONDITIONS FOR CYBERSECURITY OF THE ENERGY SECTOR

The aim of this paper is to review selected legislative acts governing the protection of the energy sector in terms of cybersecurity. The energy supply system is an area increasingly dependent on IT solutions. Rapid technological progress, interconnectedness between sectors, digitization and automation of energy networks, and finally the construction of the so-called smart networks increase the amount of data collected and, consequently, the need for computerization. Computerization of electricity business exposes the energy system to cyberattacks and incidents that can compromise security of energy supply. We are seeing increased sensitivity of energy infrastructure, and this requires a proper assessment of all threats, including cybersecurity threats, and the creation of tools to prevent and minimize the impact of identified threats.

Full text (pdf)

1. Gapiński, K. Blackout w zachodniej Ukrainie – cyber atak o wymiarze międzynarodowym, styczeń 2016 [Access: 12.04.2020 r.]. Access on the internet: https://pulaski.pl/komentarz-blackout-w-zachodniej-ukrainie-cyber-atak-o-wymiarze-miedzynarodowym.
2. Banasiński, C., Rojszczak, M., red. (2020). Cyberbezpieczeństwo. Warszawa.
3. European Parliament & Council, Decision 854/2005/EC of the Parliament and of the Council of 11 May 2005 establishing a multiannual program for the promotion of safer software with the Internet and new network technologies.
4. European Commission, Directive 2002/58/EC concerning the processing of personal data and the protection of privacy in the electronic communications sector and Regulation (EC) No 2006/2004 on cooperation between national authorities responsible for enforcing consumer protection legislation.
5. European Parliament & Council, Directive 2009/136/EC of the European Parliament and of the Council of 25 November 2009 amending Directive 2002/22 / EC on universal service and users' rights relating to electronic communications networks, Directive 2002/58 / EC concerning the processing of personal data and protection of privacy in the electronic communications sector and Regulation (EC) No 2006/2004 on cooperation between national authorities responsible for enforcing consumer protection legislation.
6. European Commission (2013), Commission Proposal for a Directive concerning measures to ensure a high common level of network and information security across the Union, [online] http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=celex%3A52013PC0048
7. European Parliament (2016), Cybersecurity strategy for the energy sector, [online] http://www.europarl.europa.eu/RegData/etudes/STUD/2016/587333/IPOL_STU(2016)587333_EN.pdf
8. Council of Ministers, National Critical Infrastructure Protection Program, consolidated text based on Resolution No. 121/2018 of the Council of Ministers of September 7, 2018 amending the resolution on the adoption of the National Critical Infrastructure Protection Program.