Managing OT cyber security risks using BowTies and Risk & Opportunity Based Asset Management at Dutch DSO Enexis

Loading...
Thumbnail Image

Paper number

141

Working Group Number

Conference name

CIRED 2019

Conference date

3-6 June 2019

Conference location

Madrid, Spain

Peer-reviewed

Yes

Short title

Convener

Authors

Hoeve, Maarten, European Network for Cyber-Security, Netherlands
Montes Portela, Carlos, Enexis Netbeheer B.V., Netherlands
Brouns, Gido, Enexis Netbeheer B.V., Netherlands

Abstract

The increasing digitalization of the electricity grid together with the new threats, increases the cyber-security risks related to the distribution of electricity. Major investments need to be made to mitigate these risks. These investments need to be compared with other investments necessary to make the grid ready for the increased use of renewables and electric vehicles and the management of other grid related risks like outages due to cables being broken during construction work. Cyber-security risks need to be properly assessed to determine the right level of investment.The Dutch DSO Enexis has developed a method to assess cyber-security risks that integrates with their Risk and Opportunity Based Asset Management process. The method uses BowTies, a general method that Enexis also uses for all non-security risks to assets. The risk levels are estimated using the asset management risk matrix. In this way, they are made comparable to all other asset risks, so that rational investment decisions can be taken.

Table of content

Keywords

Publisher

AIM

Date

2019-06-03

Permanent link to this record

https://cired-repository.org/handle/20.500.12455/548
http://dx.doi.org/10.34890/774

ISSN

2032-9644

ISBN

978-2-9602415-0-1