ACER publishes guidelines to share cybersecurity information in electricity sector
Agency for the Co-operation of Energy Regulators (ACER) has published new guidelines aimed at enhancing the protection of cybersecurity information exchanged under the EU-wide network code on sector-specific rules for cybersecurity aspects of cross-border electricity flows (NCCS). The guidelines emphasise the need to maintain the confidentiality of sensitive information on cyberattacks, threats, risk assessments, and cybersecurity expenditures while ensuring that such information is shared securely amongst entities and with the relevant authorities. It recommends the use of the Traffic Light Protocol (TLP) for exchanging information and offer methods for anonymising and aggregating data, particularly when no legally binding national classification schemes are in place.