A risk assessment methodology has been developed into cyber security threats in the energy supply chain `from gas to electricity´ in The Netherlands. This study was initiated by Shell en TenneT, based on a discussion in the Cyber Security Council and in line with a recommendation in the National Cyber Security Strategy. The study was carried out in 2014 by Shell, Gasunie, Nuon, TenneT and Alliander, with logistic support being provided by the National Cyber Security Centre. Each of these five organisations has a role in the energy supply chain in The Netherlands. The aim of the study is twofold:
- To analyse the joint cyber security outside the limits of the individual organisations and in that way identify the risk of cyber-related threats for the entire supply chain.
- To make a cyber security risk assasment methodology available for supply chains, based on experience gained during the study, so that this can be used in other sectors.
Questions asked were: who depends on whom? What are the types of vital IT systems used in the sector? What kind of risks are there? What kind of cyber security measurements have to be implemented?