This video isn’t available to you right now
Login to check your access and watch the full session
About the session
The presentation outlines Ofgem’s evolving approach to security assurance—emphasising risk-based, engagement-led oversight, and the importance of independent audits, operational exercises, and technical testing. Key sector progress is discussed, including the positive shift in cybersecurity culture, the impact of inspections and enforcement, and the need for continuous improvement to keep pace with evolving threats. The presentation also addresses the changing threat landscape, with rising cyberattacks, geopolitical risks, and the transformation of homes, businesses, and transport through electrification and smart technologies. Regulatory updates are detailed, including Ofgem’s new assurance approach, the forthcoming Cyber Security and Resilience Bill (2025), and the introduction of a voluntary Cyber Governance Code of Practice. The importance of holistic security—integrating cyber, physical, operational, and organisational dimensions—is emphasised, along with the need for adaptive resilience and preparedness for systemic risks.
The session concludes with key takeaways for stakeholders: extending protection beyond critical systems, aiming for continuous improvement, and ensuring security planning accounts for cascading risks across the national infrastructure.
Hariharan Ramachandran, Principal - Regulatory Assurance, Competent Authority, Ofgem, UK
