Review of the network meeting Cybersecurity in the renewable energy sector

The month of April at Energy Storage NL is (ESNL) centered on cybersecurity. In an increasingly more digital world, the energy sector is becoming more vulnerable to cyber threats.

The network meeting Cybersecurity in the renewable energy sector was held on Wednesday, April 16, 2025 at ESNL member DENS on the Automotive Campus in Helmond. This meeting, organized by Energy Storage NL in cooperation with the industry organizations Techniek Nederland, Holland Solar, NedZero, Energie Nederland and Top Sector Energy, brought professionals together to discuss and strengthen the sector's digital resilience. The central message of the day: it is not a question of if, but when an incident occurs.

With inspiring contributions from the DIVD (Dutch Institute for Vulnerability Disclosure), Rijksinspectie Digitale Infrastructuur (RDI), Hoppenbrouwers and CCRC (Cyber Chain Resilience Consortium), not only outlined the threat picture, but also shared insights and practical examples and offered concrete tools for getting started with digital resilience.
 

Highlights from the program 

Industry status and urgency

Chris van 't Hof of the DIVD gave an overview of the current state of the industry and the urgency of cybersecurity. He shared insights on vulnerabilities within the energy sector and emphasized the importance of working together to address them.This presentation provided a unique insight into the perspective of an ethical hacker.  

Policy frameworks and enforcement  

Joepke van der Linden of the National Digital Infrastructure Inspectorate (RDI) discussed the broad policy around cybersecurity and the role of enforcement, specifically developments on the RED and its transition to the CRA at the end of 2027. In addition was er addressed the awareness and implementation of European regulations within the industry, including the AI act. 

Practical examples and tools

Marcel de Boer of Hoppenbrouwers discussed the major cyberattack the company faced in 2021 and how the recovery process went, a real-life thriller. The key learning points from this were the importance of having cyber insurance, the recent investment in new storage technology, help from in-house staff and transparent communication to customers, press and stakeholders. This ensured a successful recovery process and minimization of damage.  

How do you prepare for a cyber crisis? Kelvin Rorive of the Cyber Chain Resilience Consortium (CCRC). gave some handles a.d.v. first aid crisis guide. Create awareness in the organization, train employees, Don't just put cybersecurity with IT but also involve the board and management and make cybersecurity component of the organization's DNA. An important insight is that measures can be taken a.k.a. the hack motive, e.a. Hacktivism, espionage, sabotage or crime, for example.  

Networking and expert tables

After the presentations could the attendees joint lunch and networking and there was an opportunity to join the expert tables, such as those of DENS, Techniek Nederland, Digital Trust Center and DIVD with TheGreenVillage, valuable insights and practical examples. 

The organizing industries will send an information packet next week share with the sectors where the latest developments and the tools and resources available to cyber resilient to be.