Challenge and objective

  • The technological evolution has enabled Norwegian Distribution System Operators (DSOs) to make greater use of products and services from external suppliers. Although outsourcing provides resources, expertise and cost-effectiveness, it also introduces new dependencies and gates for potential attacks. As the dependence upon suppliers and the system complexity increase, the use of suppliers has to be taken into account in the cybersecurity incident management for the DSOs.

Work performed

  • Interview study of DSOs and vendors of industrial control systems on how they cooperate on incident management.
  • Current practices for the involvement of suppliers in incident management are investigated.

Significant results

  • An understanding of current practices, including both successful practices and challenges.
  • Recommendations for both DSOs and the power industry at large. DSOs are particularly recommended to involve suppliers more in preparatory activities, and supplier contracts should be improved. 

Impact for distribution system innovation

  • Awareness of the need for improved collaboration between DSOs and their vendors.
  • Improved cyber resilience.

Oddbjørn Gjerde

WP2 Lead
+47 99 730 027
Oddbjørn Gjerde
WP2 Lead


Reference in CINELDI