Cyber security in the energy sector
The energy sector has been identified as a risk area where cyberattacks may have serious consequences. It is therefore essential to strengthen preparedness and raise the overall level of security to prevent vulnerabilities and acts of sabotage.
The energy sector is of critical importance to society and depends on systems remaining operational even during attacks or breaches that prevent users from accessing their networks and information systems.
Countering cyberattacks
The most effective way to counter such threats is through continuous security efforts aimed at preventing and mitigating intrusions. This also strengthens protection against the potential damage an attack may cause.
As an operator within the Swedish energy sector, you are expected to maintain:
- a systematic approach to risk management, including risk analyses and security policies
- procedures for incident handling, both preventive and responsive
- continuity planning and crisis management
- security measures related to suppliers, procurement, development, maintenance and vulnerability management
- monitoring and evaluation of the effectiveness of security measures
- procedures for reporting threats and vulnerabilities, even if no damage has occurred
Preparing for cyber attacks in the energy sector (PDF)
In the event of a suspected breach
If you detect a suspected breach, you must take the necessary measures without delay. The incident must then be reported to the Swedish Civil Contingencies Agency (MSB).
Report an IT incident to MSB (msb.se, in Swedish)
Support during an ongoing IT incident
If you require assistance in managing an ongoing IT incident, contact Sweden’s national CSIRT (Computer Security Incident Response Team). Their role is to support society in handling and preventing IT-related incidents.