“Energy Cybersecurity Forum”, second edition: Cybersecurity is a necessity in the energy field and requires a joint effort to ensure the security of energy infrastructure and IT systems
Distributie Energie Electrică Romania – DEER, the most important national electricity distribution operator, gathered over 300 participants at the second edition of the Energy Cybersecurity Forum. Thanks to DEER’s approach, Cluj was, for two days, the host of the most important actors in Energy and Information Technology.
The Forum’s debates highlighted the challenges and the fact that cyber security has become a priority for companies and institutions in the digital age, and especially for companies in strategic sectors, such as the energy sector. Representatives of important national and international institutions – Government, Parliament, ANRE, ministries, representatives of local and multinational companies, specialists, analysts, representatives of universities and professional associations, journalists actively participated in a large-scale event, with a theme current and maximum interest.
The Minister of Energy, Sebastian Burduja, conveyed to the audience, through a video message: “I am on my way to Baku, where I have the honor to represent Romania in the world’s journey towards a safe, competitive and green energy transition (n.r. – COP29). It is already a tradition to be in Cluj, at the Cyber Security Forum, a vital topic for the future of Romanian energy. I want to congratulate the DEER team and general manager Mihaela Suciu from the very beginning. You are not only exceptional hosts, but you are visionaries, who have decided to put this topic of energy security on the table of decision-makers and on the table of public opinion and civil society as a topic for debate.
The Ministry of Energy has undertaken the creation of the first Sectoral Cyber Security Incident Response Center – this CRISCE, which will include specialists who will work in shifts, highly paid people and whose mission will be to defend the entire Romanian energy sector from cyber-attacks. We are already in inter-ministerial approval with this draft Emergency Ordinance, and I am convinced that, in the immediate future, we can adopt it and set an example for other ministries and sectors. Please rely on us, let’s move forward and make sure that the Romanian energy sector is protected against any threats, including those of cyber security”.
At the opening of the Forum, Emil Boc, mayor of Cluj-Napoca: “Cybernet security is no longer an optional matter, it is already a necessity, even more so in the energy field. Rightfully so, someone was warning and saying that, unfortunately, we are only a few clicks away from a cyber disaster, thereby emphasizing that if we are not proactive, disaster is upon us and then the consequences are dramatic. This event is a forum of good practices, on the one hand, but also of innovative ideas for what solutions mean for the future. Equally, what I have been able to find is that this matter of cyber security is no longer just the purview of IT people. Cybersecurity obviously has the IT component as its central core, but it must become a coherent, concrete public policy component and, above all, included in the design phase of the infrastructures we create. Beyond awareness, beyond thinking of cyber security as a stage from the beginning and not a final one in the protection of what we have, I think there are things we can no longer avoid”.
The National Energy Regulatory Authority (ANRE), through the regulations it makes, takes into account the cyber security of the energy system in Romania, and the dialogue with operators is open and will continue to be, said Mircea Man, ANRE Vice President. “Of course, the problem has never been raised that the Authority does not have a total openness to the arguments brought by operators for the security of the energy system, because ANRE’s objective is to create a solid energy system, an accessible energy system for all actors involved in energy security. And for sure, we also prioritize the possibility that those who are beneficiaries will be able to pay in the end and that the prices will be affordable for both domestic and industrial consumers”.
Where does the money for cyber security come from? Mr. Sandor Bende, President of the Committee for Industries and Services in the Chamber of Deputies, stated: “We cannot wait for the money to come from the EU. Everything has costs. If ANRE recognizes these costs, they will be reflected in the prices paid by citizens. A balance will have to be found. Will there be higher costs in networking or cyber security? The ANRE experts will have to think of a solution, so that we keep the price at a fair, fair level, which the citizens can bear, and the companies do not go bankrupt”.
Istvan-Lorant Antal, president of the Commission for Energy, energy infrastructure and mineral resources in the Senate: “For now, ANRE does not recognize the costs of investments for cyber security. And I understood that cyber security has a high cost, a major cost. Again, let’s not demand from companies, which are oriented towards profit, because, after all, they are economic companies, so, for the sake of cyber security, to invest in cyber security. ANRE has an extremely important role here, in my opinion, because the distributions, if they start making massive investments in cyber security, from the point of view of their functioning as companies, and are in a regulated market, every euro cent, every penny I put there must be recognized by ANRE”.
At the opening of the second day of debates, Ovidiu Cîmpean, Secretary of State at the Ministry of Investments and European Projects, recommended: “Let’s invest in renewable energy and smart networks for an impactful cyber resilience in the region. Investments in renewable energy, public-private partnerships, and economic development can help increase cybersecurity in energy. And non-reimbursable financing contributes significantly to security and increasing energy efficiency”.
“In a world where critical infrastructures are becoming targets for cyber-attacks, protecting them is not only a legal obligation, but also a responsibility to the communities and economies we serve. Cyber security is a topic that concerns us all, and in the energy sector the impact of a cyber attack can be devastating. That is why it is essential to be one step ahead of the challenges and to strengthen our ability to effectively respond to threats,” said Alexandru Chiriță, CEO of Electrica, appreciating that, unlike last year, progress has been made: ” Last year we were at discussion level; this year we are in an intermediate step, of the effective implementation of these processes”.
Mihaela Rodica Suciu, Director General of DEER: “Reality shows us that we must be prepared, permanently, for the possibility of cyber-attacks, to have on the table innovative solutions and examples of good practices, which lead to a security, respectively cyber health of our business. By organizing this forum, DEER launched the invitation for a proactive approach and action in cyber security, a common approach and effort of energy companies to ensure the security of infrastructure and IT systems.
According to the European Commission, investments in networks of 584 billion euros are needed, of which 75% must go to digitization and the prevention of cyber-attacks. We need investments and modernization of networks, increasing capacities. If we invest 75% in digitization and protection, the remaining 25% is not enough for networks. So, shareholders need to think carefully and help us invest more. Medium and long-term thinking is needed because, indeed, the pressure on the end user, which manifests itself through tariffs, will at some point be very high. We have to find solutions, and here I want to refer to the solutions that we, the DEER team, have found accessing European money. On the Modernization Fund, we exceeded the critical figure of three billion lei. We still have projects of about two billion, but we need funds, we need the Modernization Fund to be supplemented, so as not to create great pressure on distribution tariffs. So the major investments must be made in networks and investment in networks must double with investment in digitization and protection.”
What the female leadership of the future in IT and cybersecurity looks like, in the context of transformations in the energy field, was the topic of a very interesting panel dedicated to women at the Energy Cyber Security Forum. It was insisted, in the discussions, for more chances to be given to women specialized in technical sciences in the energy sector and the need for specialists in the field of cyber security.
Alexandru Chiriță, CEO of Electrica, concluded: “The Energy Cyber Security Forum was an excellent opportunity to address essential topics, including:
- The role of employees as the first line of defense against cyber threats, through awareness and continuous education;
- Artificial intelligence as an indispensable ally for detecting and preventing attacks on critical infrastructures;
- The need for close collaboration between IT experts and the energy industry, to share knowledge and effective solutions;
- Legislation and regulations – how can we support a stronger framework adapted to today’s challenges”.
At the end of the Forum, Mihaela Rodica Suciu stated: “The success of the two editions leads us to continue organizing this necessary event, in which we, the DEER team, believe and rely on to increase awareness of cyber security, especially in the energy field. Therefore, we are already sending the invitation for the third edition of the Energy Cyber Security Forum, which will also take place in Cluj-Napoca, in November 2025”.