Part of series: EU Electricity
EU Electricity Market Cybersecurity Regulations
Last updated:
Key points on cybersecurity from 2024/1366 and 2019/943
Regulation (EU) 2024/1366 — Intro
The Commission Delegated Regulation (EU) 2024/1366 (11 March 2024) strengthens cybersecurity across the EU electricity market. It requires enhanced protection measures, formal risk management frameworks, and streamlined incident reporting to safeguard critical infrastructure, with emphasis on digital integration, consumer protection, and cross‑border coordination.
- Enhanced cybersecurity measures across electricity market infrastructure
- Cyber risk management: regular assessments and mitigation strategies
- Incident reporting: streamlined processes to enable swift, coordinated response
Regulation (EU) 2019/943 — Intro
Regulation (EU) 2019/943 (5 June 2019) targets the internal electricity market, promoting renewable integration, efficiency, and consumer empowerment. It sets measures to protect critical infrastructure, emphasizing cybersecurity and resilience, and reinforces cross‑border cooperation and regional coordination to improve security of supply.
- Protection of critical electricity infrastructure and cyber‑resilience
- Cross‑border coordination and information sharing among Member States
Comparison
- 2024/1366 adds detailed requirements for risk management and incident reporting, reflecting today’s threat landscape.
- 2019/943 lays the market and cooperation groundwork later expanded by 2024/1366 into more structured collaboration and response mechanisms.
References
- Commission Delegated Regulation (EU) 2024/1366: https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=OJ:L_202401366
- Regulation (EU) 2019/943: https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32019R0943