In accordance with the Network Code on Cybersecurity, the Agency for the Cooperation of Energy Regulators (ACER) wishes to monitor trends and assess the development of cybersecurity performance throughout the EU electricity sector.
To do this, the Agency requests a range of information from transmission and distribution system operators (TSOs and DSOs), electricity producers, nominated market operators (NEMOs) and balancing responsible parties.
On Tuesday 27 January, it therefore published its guidelines on the information to be submitted voluntarily for monitoring operational reliability performance indicators relating to cybersecurity in the electricity sector.
The data requested includes the number of reportable cyber threats or cyber-attacks and the annual number of unpatched vulnerabilities.
From 2027 onwards, ACER will open a period for the submission of this statistical information every three years. During the first submission period, in 2027, ACER will request 2026 data.
The data collected will form the basis of its triennial report.
To see its guidelines: https://aeur.eu/f/kfy (Original version in French by Pauline Denys)