With the advance of digitalisation, power grids are more and more controlled and monitored by smart information and communication technologies. This increases the risk of compromising the availability, integrity or confidentiality of data. In extreme cases, a cyber attack can lead to a large-scale power blackout with serious consequences. Cyber security thus becomes a key issue in ensuring the secure power supply.
Electricity network operators are responsible for ensuring a secure, high-performance and efficient network (Art. 8 Electricity Supply Act). In the view of the Federal Electricity Commission (ElCom), this also includes protection against cyber risks. In the event of a cyber attack, electricity network operators must be able to ensure delivery to downstream suppliers and end consumers, and Switzerland's system stability must not be jeopardised.
As the regulator, ElCom therefore expects electricity network operators to implement the industry standards laid down in documents «ICT Continuity», «Handbuch Grundschutz für Operational Technology in der Stromversorgung» and «Richtlinien für die Datensicherheit von intelligenten Messsystemen» issued by the «Verband Schweizerischer Elektrizitätsunternehmen». This implementation shall be efficient and risk-based. The costs are chargeable within the meaning of Article 15 Electricity Supply Act.