1、Reforming Cyber Regulation in Downstream Gas and ElectricityKyna Bowers,Assistant Head of Cyber Policy,DESNZ,Fran Howard,Cyber Regulatory Lead,OfgemWhat we will cover Ofgem&DESNZ who we are and our link to cyber security Current NIS coverage for Downstream Gas and Electricity Examples of cyber incid
2、ent impacts Policy thinking on whole energy cyber resilience Next StepsOfgem&DESNZ Link to Cyber SecurityDIGITAL INFRASTRUCTURE&SERVICESWATERTRANSPORTHEALTHENERGYDESNZ Policy Direction Designation&RevocationOfgem&DESNZ Link to Cyber SecurityWATERTRANSPORTHEALTHENERGYkWhREGULATORS FORDOWNSTREAM GAS A
3、ND ELECTRICITY OfgemCompliance:Engagement Guidance Inspections Enforcement PenaltiesSector transformation impactDistributionTransmissionGenerationInterconnectorsSuppliers 2 GWOnshore:250k customersOffshore:2GW 250k customers 1 GW(E)20M m3/d(G)250k customers*E=Electricity,G=GasNOT-NISNISx 3.5x 6x 3x
4、220232030Majority of new developments in these sectors will be too small to fall under NISCyber Security and Resilience Bill(Network and Information Systems)Bill The CSRB was introduce to parliament in November 2025.It will update the NIS regulations to keep pace with evolving technology and threat
5、landscape changes.If enacted,it will expand the scope for regulators to designate critical suppliers.This will be a key enabler for regulators to ensure the coverage of cybersecurity remains appropriate.Threat LandscapeLarger companies are harder to attack because they have better security and backu
6、ps.Plus,experts like the NCSC and the ICO discourage paying ransoms.Because of this,cybercriminals are focusing on small businesses,where they hope to get smaller payments more often.“FLEXIMIZE,2023,KENNET HARPSOE Just over four in ten businesses(43%)reported having experienced any kind of cyber sec