Reshaping Cyber Regulation in Downstream Gas and Electricity

Overview

In light of the changing energy landscape as the country moves towards Clean Power 2030 and the increased cyber security threat, Ofgem and the Department of Energy Security and Net Zero are seeking views on reshaping cyber regulation for the downstream gas and electricity sector in Great Britain.

The consultation considers whether there is a need to change how cyber resilience requirements apply across the downstream gas and electricity sector. We propose introducing baseline cyber requirements for all Ofgem licensees, to ensure cyber is on everyone’s agenda and introduce a consistent cyber starting point for the energy system. It also explores the possible expansion of the scope of the Network and Information System Regulations 2018, through a review of thresholds and essential services for designation in the downstream gas and electricity sectors.

We welcome feedback and evidence from a range of stakeholders; including from Ofgem licensees, developers and industry bodies to think tanks and academia, to inform the development of our proposals. Your input will be vital in shaping requirements that are appropriate and proportionate, future-proof, and are effective in defending against an evolving and complex, threat landscape.