What this stakeholder priority is about
This stakeholder priority is about how we protect our network from external threats such as cyber-attacks, physical attacks and extreme weather. It also ensures we can respond to and recover from incidents when they happen.
Due to the confidential and sensitive nature of our cyber security and physical security business plans, we are unable to fully share detailed information with stakeholders and have agreed to provide our plans directly to Ofgem for assessment.
Included within our submission are the two cyber business plan documents requested by Ofgem, these are:
- Business IT Security Plan
- Cyber Resilience Plan
What you can find in this chapter
- What this stakeholder priority is about
- Track record and implications for T2
- What our stakeholders are telling us
- Our proposals for the T2 period
- The justification of our proposals
- Our proposed costs for the T2 period
- How we will manage risk and uncertainty
- Next steps
End to end description of stakeholder engagement and how it has influenced our plan
Investment decision packs set out the technical need case, options assessed and proposed investments.
The cost benefit analysis below demonstrates the investment modelling for supporting our decision through various options considered.
Cost benefit analysis to protect the network from external threats
Proposal | T2 baseline (£m) | Consumer benefit |
|---|---|---|
Extreme weather: Protect our sites from surface level flooding and better understand how we protect from weather-related threats in the long term. We will enhance flood protection on a proposed 100 sites as well as addressing increasing erosion incidents and developing a long-term climate change strategy. | 59.81 | All sites at risk of surface level flooding will be protected by the end of the T2 period, protecting end consumers from loss of supply because of substation flooding. |
Physical security: Continue to meet our Physical Security Upgrade Programme (PSUP) requirements at all designated sites. We will enhance physical security on specific PSUP sites commissioning within the T2 period. | 44.63 | All PSUP sites will be protected from physical attack, reducing the risk of loss of supply to consumers because of a physical security incident. |
Cyber security: Enhanced cyber security and capabilities to a level agreed with the NIS Competent Authority. Implementation of investments across OT and Information Technology environments aligned to the NIS Cyber Assessment Framework. | 16.84 (IT)
167.54 (OT) | Many cyber-attacks purposely aim to cause disruption such as loss of electricity supply. Effective protection and enhanced capabilities to respond to incidents minimises the impact on consumers if a cyber incident was successful. |
OpTel: Highly resilient and cyber secure operational telecoms infrastructure, essential for the safe and reliable operation of the system, supporting physical security management and Black Start capabilities. We will replace 1,850km of fibre-wrap, which has reached end of life, and telecoms equipment at 274 sites. | 241.02 | Provides ongoing overall system resilience by enabling communication and operation activities during and following incidents arising from system incidents and external threats. |
Black Start: Enhanced system and people capabilities to ensure an efficient and effective response in a Black Start scenario. We will install high performance LVAC systems and resolve technical limitations at specific sites. | 22.19 | Allows for a faster restoration of supply of electricity to end consumers in the event of a Black Start scenario. |