The revision of the Cybersecurity Act is a key step towards addressing non-technical cybersecurity risks and protecting Europe’s critical infrastructure against third-country vendor dependencies.
In its position paper, ESMIG highlights the need to ensure the trusted ICT supply chain framework is fully effective for electricity grid digitalisation and advanced metering infrastructure (AMI) — given their role in managing energy flows, sensitive data, and remote system access.
With large-scale smart meter deployment underway, procurement decisions taken today will shape Europe’s long-term cybersecurity and infrastructure resilience. ESMIG has consistently called for the identification – and where necessary the exclusion – of high-risk suppliers from EU critical energy infrastructure tenders.
The revised Cybersecurity Act’s trusted ICT supply chain framework is a strong regulatory response to address non-technical cybersecurity risks in the geopolitical context, strengthening Europe’s strategic autonomy and economic security.