European Network for Cyber Security

📢 ENCS and World Bank's ESMAP - Energy Sector Management Assistance Program join forces to boost global energy grid cybersecurity   We are excited to share some highlights of the Cybersecurity Study Tour that took place in Paris 2-6 December. Read more about the collaboration between ESMAP and ENCS in our news item 👉 https://lnkd.in/dKwskCpH   For more information on ENCS trainings, check our wesbite 👉https://lnkd.in/ds7jgVpy

🗓️ December 2 – 6 📌Paris, France   More than 50 participants from The World Bank Group client countries will join the #ESMAP Energy Cybersecurity Study Tour in Paris to gain greater understanding of: ✔️ Cyber threat protocols ✔️ The SCADA control system and grid automation ✔️ Cyber governance and regulation ✔️ Advanced electricity metering infrastructure ✔️ Cyber threat mitigation and monitoring Experts from our partners European Network for Cyber Security (ENCS), Campus Cyber, Enedis and RTE will share their experiences and lead the discussions.   #ESMAP and Quality Infrastructure Investment (QII) Partnership Partnership seek to help Transmission system operators (TSO), Distribution system operators (DSO) and Ministries of Energy to reduce grid vulnerability, strengthen operational technology (OT), and improve cyber resilience practices.   ➡️ Learn more: https://lnkd.in/eB2ZiYcn Fanny Missfeldt-Ringius Chandrasekar Govindarajalu Anders Pedersen Oscar Gasca Marjorie Araya Tamaro Kane Cedric Bagnon Bipul Singh Yanchao Li Alan Lee Koshi Nishida Gor Khachatryan Ishan Khokar Kabir Malik Claire Nicolas Thi Ba Chu Maarten Hoeve Julien Keller Winslow Gordon Anjos Nijk Héloïse Enjalbal Salvatore Maccarrone Alexandros Tokatlidis Elvira S. Farida Mamadaslamova #Cybersecurity #ESMAP #Energy #Utilities #Digitalization #DigitalTransformation

📍 ENCS at the Financial Times Cyber Resilience Summit 2024   Anjos Nijk, Managing Director of the European Network for Cyber Security participated in the insightful panel discussion titled: “Tackling Cybersecurity in Critical Infrastructure” at this year’s FT Live Cyber Resilience Summit. Joining him in the panel were Dr Saira Ghafur and Rupert Lee-Browne.   As the threat landscape continues to evolve, critical infrastructure sectors like energy, healthcare and financial services are facing heightened risks from sophisticated cyberattacks and vulnerabilities in supply chains. During the panel, they explored key questions, including:   ⚡ What strategies provide greater visibility across increasingly complex supply chains?   ⚡ What are the implications of regulatory frameworks like the EU Cyber Resilience Act for businesses in critical infrastructure?   We’re grateful to the Financial Times for convening a platform to discuss these topics and foster collaboration in strengthening cyber resilience.

🚨 Critical Security Vulnerabilities Discovered in MZ Automation's MMS Client   ENCS cybersecurity testers at the time of the research, Humza Ahmad and Albert Spruyt, uncovered three major vulnerabilities in the MMS Client of the MZ Automation LibIEC61850 library (versions prior to 1.6.0). These vulnerabilities, now published in the MITRE CVE database, pose significant risks, including Denial of Service (DoS) and unauthorized code execution, potentially impacting critical infrastructure.   Here’s what was identified:   🔴 CVE-2024-45969: A NULL pointer dereference issue allows a malicious server to crash the client with a crafted MMS InitiationResponse message, causing a DoS. 🔴 CVE-2024-45970 & CVE-2024-45971: Buffer overflow vulnerabilities in parsing functions allow attackers to execute arbitrary code via malformed FileDirResponse and IdentifyResponse messages.   ✅ Good News: MZ Automation has acknowledged the issues and issued patches to address them.   👀Read more about the CVEs in our news item 👉 https://lnkd.in/eMsnBkiP

Amid rising geopolitical tensions, the electricity sector faces growing cyber threats, with Russian attacks on Ukrainian power grids underscoring the risks for Western nations. The sector’s mix of advanced and legacy systems creates a vast, interconnected attack surface, making supply chain security vital to prevent large-scale incidents across connected infrastructures. The European Network for Cyber Security is leading efforts to bolster cybersecurity through collaboration and awareness. ENCS Managing Director Anjos Nijk spoke to Infosecurity Magazine to emphasize the critical role of shared information and the potential impact of new legislation like the EU’s NIS2 directive on safeguarding Europe’s grid infrastructure: https://bit.ly/3Z0O9GI

📢 Exciting #RedTeamBlueTeam with European TSOs in The Hague!   Two weeks ago, we immersed ourselves in the fast-paced world of OT security with another action-packed Red Team/Blue Team exercise 🔴🔵.   Both teams brought their A-game, with the Blue Team showing impressive resilience under attack, but the Red Team still managed to create chaos with simulated disruptions on our grid infrastructure! 🚨   Learn more about our #RedTeamBlueTeam training journey 👉 https://lnkd.in/dMzdV2Jm

❗There are only 2 weeks to go until the FT Live Cyber Resilience Summit: Europe! Don’t miss your chance to meet and hear directly from regulators, CEOs from the world’s largest corporations to address evolving cybersecurity risks.  #ENCS Managing Director Anjos Nijk will be speaking about tackling cybersecurity in critical infrastructure.   👉 Save 20% with code ENCS: https://bit.ly/4dNtqu0 #FTcyber

📢  Exciting News from the eFORT project! We’re thrilled to announce the kickoff of Task 6.6 – Regulatory Framework and Recommendations to Legislators, lead by European Network for Cyber Security, which was presented during the 3rd General Assembly of the eFORT project in Thessaloniki on October 2-3. During this task, our goal will be to identify regulatory gaps and propose amendments that will allow the best cost-benefit solutions. Here’s what we’ll be working on until April 2026: 🔹 Review European regulations and identify gaps affecting eFORT solutions. 🔹 Monitor the compliance of eFORT solutions with national and European grid security regulations. 🔹 Develop recommendations to legislators to amend existing regulations. 🔹 Promote changes that support deployment of eFORT and other BRIDGE initiatives. We are eager to contribute to a more robust and adaptable regulatory framework that will foster innovation and ensure secure, future-proof grid solutions. Stay tuned for updates! #eFORT #Cybersecurity #EnergySecurity #GridInnovation #EURegulations #SmartGrid #BRIDGEinitiative Elvira S. Héloïse Enjalbal

📢 Join us in Madrid, November 12-14, 2024 at the CIPRE Conference!   The Critical Infrastructure Protection & Resilience Europe 2024 is approaching, where experts from across Europe will gather to discuss the protection and resilience of critical infrastructures.   We’re pleased to announce that Anjos Nijk, Managing Director of #ENCS, will be speaking on the important topic of the Implementation Challenges of NIS2 and Cybersecurity Network Code. His insights will be instrumental for anyone working on enhancing infrastructure security and navigating new regulations.   Register here 👉https://lnkd.in/ep4ck_y4 and use code ‘ENCS25’ when registering as a delegate to receive a 25% discount. Don’t miss this opportunity to hear from industry leaders!

📢 The FT Live Cyber Resilience Summit: Europe will host the industry's most senior leaders from the region. Join discussions on the theme of tackling mounting threats to business, infrastructure and the economy. ENCS Managing Director Anjos Nijk will be speaking about tackling cybersecurity in critical infrastructure. Download the event brochure to discover the CEOs speaking, discussion topics and networking opportunities: https://bit.ly/4045cIH   Save 20% on passes with code ENCS: https://bit.ly/4dNtqu0 #FTcyber