Managing OT cyber security risks using BowTies and Risk & Opportunity Based Asset Management at Dutch DSO Enexis

Loading...
Thumbnail Image
Paper number
141
Working Group Number
Conference name
CIRED 2019
Conference date
3-6 June 2019
Conference location
Madrid, Spain
Peer-reviewed
Yes
Short title
Convener
Authors
Hoeve, Maarten, European Network for Cyber-Security, Netherlands
Montes Portela, Carlos, Enexis Netbeheer B.V., Netherlands
Brouns, Gido, Enexis Netbeheer B.V., Netherlands
Abstract
The increasing digitalization of the electricity grid together with the new threats, increases the cyber-security risks related to the distribution of electricity. Major investments need to be made to mitigate these risks. These investments need to be compared with other investments necessary to make the grid ready for the increased use of renewables and electric vehicles and the management of other grid related risks like outages due to cables being broken during construction work. Cyber-security risks need to be properly assessed to determine the right level of investment.The Dutch DSO Enexis has developed a method to assess cyber-security risks that integrates with their Risk and Opportunity Based Asset Management process. The method uses BowTies, a general method that Enexis also uses for all non-security risks to assets. The risk levels are estimated using the asset management risk matrix. In this way, they are made comparable to all other asset risks, so that rational investment decisions can be taken.
Table of content
Keywords
Publisher
AIM
Date
2019-06-03
Permanent link to this record
https://cired-repository.org/handle/20.500.12455/548
http://dx.doi.org/10.34890/774
ISSN
2032-9644
ISBN
978-2-9602415-0-1