Adwisery experts are supporting Nordic Solar in addressing cybersecurity requirements under the Law on Energy of the Republic of Lithuaniafor two solar parks
Adwisery experts are supporting Nordic Solar in addressing cybersecurity requirements under the Law on Energy of the Republic of Lithuania for two solar parks: one located in Molėtai, the largest solar park in Lithuania, and the other in Švenčionys. The objective of the project is to meet the cybersecurity requirements established by Regulation (EU) 2019/941 of the European Parliament and of the Council of 5 June 2019 on risk-preparedness in the electricity sector and by the Law on Energy of the Republic of Lithuania.
* Abbreviations and explanations
- Regulation (EU) 2019/941 – Regulation of the European Parliament and of the Council on risk-preparedness in the electricity sector. It establishes common requirements for Member States, transmission system operators, and regulatory authorities to ensure the security of electricity supply. The Regulation obliges stakeholders to carry out risk assessments, prepare action plans for potential supply disruptions, and coordinate the preparedness of Member States for emergency situations in the energy sector.
- Law on Energy of the Republic of Lithuania – A national law regulating the governance, development, and supervision of the energy sector. The Law sets out the procedures for the use of energy resources, energy production, supply, transmission, distribution, and consumption, as well as the obligations of energy entities to ensure energy security, reliability, and compliance with cybersecurity requirements.
- GAP Analysis – identify the current situation and the desired situation, then present the difference, what is missing, to achieve the desired situation.
- PETA – Rules for the Use of Electricity Networks.
During the project, experts will:
- Perform a requirements gap analysis (GAP analysis);
- Prepare and align drafts of cybersecurity policies and the procedures implementing them;
- Organise employee training sessions;
- Conduct an information security risk assessment;
- Assess compliance with the requirements of the Law on Energy of the Republic of Lithuania and its implementing legislation (PETA);
- Together with Partners, assess the implementation of technical cybersecurity control measures in accordance with PETA provisions, covering security requirements applicable to information and control systems in the electricity sector.
Purpose:
- To ensure proper preparedness for the cybersecurity requirements of Regulation (EU) 2019/941 and the Law on Energy of the Republic of Lithuania;
- To prepare a Cybersecurity Report;
- To complete the Security Declaration.
Benefits:
- Ensured compliance with Regulation (EU) 2019/941 and the Law on Energy of the Republic of Lithuania;
- Clearly defined information security and cybersecurity processes;
- Strengthened organisational cyber resilience and risk management.
Estimated duration of service:
| Beginning | 2025 December | Estimated duration | 3 months |
|---|---|---|---|
| End | 2026 February |
References to legislation:
- Regulation (EU) 2019/941 of the European Parliament and of the Council of 5 June 2019 on risk-preparedness in the electricity sector and repealing Directive 2005/89/EC
- Law on Energy of the Republic of Lithuania
- Rules for the Use of Electricity Distribution Networks of Energijos skirstymo operatorius
- Rules for the Use of Electricity Transmission Networks of Litgrid