Talking non-nuclear critical energy infrastructure security

Talking non-nuclear critical energy infrastructure security

Tim Compston, Features Editor at SecurityNewsDesk, interviews Thomas Wuchte, Head on Anti-Terrorism Issues – Transnational Threat Department – at the OSCE on the hot topic of protecting critical energy infrastructure which keeps the wheels of the global economy turning.

It is all too easy to sit back and take the energy that powers our day-to-day lives for granted, especially as we are in an era which is far removed from the days of ‘blackouts’ and ‘brownouts’. However, while things may seem smooth on the surface the reality is more turbulent behind-the-scenes. This type of national infrastructure is under threat like never before, and not just from physical attack. Today the cybersecurity of these facilities is also high on the agenda. This is a situation which Thomas Wuchte says the OSCE (Organisation for Security & Cooperation on Europe) and its partners have been accelerating their efforts on over the last couple of years.

Talking non-nuclear critical energy infrastructure security
Thomas Wuchte, OSCE Head on Anti-Terrorism Issues

This has led, ultimately, to the development of a ‘good practice guide on Non-Nuclear Critical Energy Infrastructure Protection (NNCEIP) from terrorist attacks’ which, Wuchte confirms, has a very strong focus on the new ‘threats emanating from cyberspace’ and, crucially, how to manage these risks and achieve incident response preparedness, infrastructure resilience and energy reliability.

A transnational perspective
When we start our discussion, Wuchte, who recently gave a keynote presentation on the subject of critical energy infrastructure security at Counter Terror Expo, is keen to tell me more about the pivotal role the OSCE plays in an increasingly uncertain world. By any measure the geographic reach of the OSCE, which is headquartered in Vienna, Austria, is impressive, Wuchte points out that it is, in his words: “The biggest regional security arrangement after the United Nations, with 57 participating states and 11 partners. We like to say that our OSCE family stretches all the way from Vancouver to Vladivostok.”

Drilling down into the work of the OSCE, Wuchte explains that the organisation’s efforts are focused on a number of key security issues. For his part, Wuchte has a cross-border remit which has counter terrorism at its heart: “Our Transnational Department also deals with border security and management and strategic police matters.” With cybersecurity, by its very nature, having a strong transnational dimension it is perhaps not too surprising that this virtual threat is a growing element of the Department’s efforts.

Cybersecurity issues
Wuchte moves on to outline the genesis of the ‘good practice guide’ on NNCEIP which he referenced at the recent Counter Terror Expo with regards to cybersecurity, in particular: “Back in 2010/11 period we held a large meeting amongst our organisations that looked at all the issues involving non-nuclear critical energy infrastructure protection. The reason why we have this word ‘non-nuclear’ is that we recognise that the International Atomic Energy Agency [IAEA] quite capably handles issues around nuclear security.” He reports that there was strong interest from OSCE’s participating states to look at the sort of infrastructure that could potentially be used by adversaries as targets to attack and disrupt: “From this we narrowed our focus to the protection of critical energy infrastructure from terrorist attacks and the threats emanating from cyberspace. This was a large piece of my presentation at the Counter Terror Expo,” explains Wuchte.

Public and private co-operation
During the exercise to develop the ‘guide’ itself, Wuchte points out that it was important that both the public and private sectors were well represented: “We gathered the stakeholders to draft the guidebook in 2013/14 and got not just government policymakers that are usually concerned about this, but also the business community on-board. Partnerships between the public and private sector really are essential to maintaining critical infrastructure security and the resilience of that infrastructure. It was quite a good collaborative process and we also had NATO and the EU involved.”

Connectivity – opportunity and threat
Wuchte says that the threats relevant to non-nuclear critical energy infrastructure operators can be classified in many ways and that the pressing concern, with the sort of industrial computerised control systems found on these sites is their ever-greater degree of interconnection and integration: “On the one hand it makes this infrastructure easier to operate but they are also, increasingly, at risk from manipulation and targeted cyberattacks,” reflects Wuchte.

“We felt within our organisation [OSCE] that, given this, such cyber-related threats were particularly important for non-nuclear critical energy infrastructure operators.” Of real concern here, reckons Wuchte, are the so-called ‘cascade effects’ which can flow from any initial incident: “This means that a well co-ordinated cyberattack could, potentially, be even more damaging than a physical attack.”

He goes on to explain that, ultimately, the 100 page guide is designed to provide a working framework for governments and operators to consider in the context of their own country’s ongoing approach to these issues: “It is a publically available document. Again going back to the term ‘stakeholders’, it has to be seen as everybody’s concern not just the policymakers themselves. Businesses play an ever more important role fighting terror, especially in cases where their infrastructure could be targeted. It was apparent from the process of developing our guidebook that most of the Internet infrastructure, including communication platforms, is privately owned. We have this term: ‘developing effective public-private partnerships’, and we are very proud of the approach we take to this issue at the OSCE.”

Talking non-nuclear critical energy infrastructure securitySecurity scenarios
Asked how things have progressed since the guide was first published, Wuchte is quick to respond by emphasising that the document was never intended to just be issued and then the job was essentially over. In fact he sees it very much as just the start not the end of efforts here: “We are now in the process of developing national table-top risk assessment and crisis situation management exercises. We have taken some lessons learned from the guidebook and applied them most recently, at our first event in Spain, by going through scenario-based discussions with public-private partnerships. Here is a situation and here are ways you could think through what you could have done in advance or what you would do in reaction to an attack.”

Moving ahead, Wuchte reflects that the OSCE guidebook on ‘Non-Nuclear Critical Energy Infrastructure Protection (NNCEIP) from terrorist attacks’ is an extremely useful tool to help people think things through if, unfortunately, something does happen which interferes with the working of their critical energy infrastructure: “You have a good knowledge base – and plan – about how to work through the process,” he says.
Generating best practice

So, to conclude, with the cyber threat to critical infrastructure recognising no boundaries, powering ahead with transnational initiatives to develop and disseminate best practice, like Thomas Wuchte and his team at the OSCE, is certainly a step in the right direction.

[su_button url=”https://www.securitynewsdesk.com/newspaper/” target=”blank” style=”flat” background=”#df2027″ color=”#ffffff” size=”10″ radius=”0″ icon=”icon: arrow-circle-right”]For more stories like this click here for the SecurityNewsDesk Newspaper[/su_button]

About Security Buyer

Security Buyer is the leading authority in global security content, delivering expert news, in-depth articles, exclusive interviews, and industry insights across print, digital, and event platforms. Published 10 times a year, the magazine is a trusted resource for professionals seeking updates and analysis on the latest developments in the security sector.

To submit an article, or for sponsorship opportunities, please contact our team below.

Rebecca Spayne picture 2025

Rebecca Spayne

Managing
EDITOR

Georgina Turner image

Georgina Turner

Sales
Manager

Afua Akoto image - Security Buyer

Afua Akoto

Marketing Manager

Read the Latest Issue

Follow us on X

Follow us on X

Click Here

Follow us on LinkedIn

Follow us on LinkedIn

Click Here

Advertise here

Reach decision makers and amplify your marketing

Advertise here

Click Here

Related News

Frank Mueller headshot

How LiDAR protects railways

Frank Mueller, Hexagon, presents a thought leadership perspective of the use of LiDAR in railway infrastructure.
Image provided by Customs support group

Hello Post-Brexit Security Protocols

Jo Cloherty, Senior Commercial Manager at Customs Support Group, explores the 2025 Safety and Security Protocols that have…
Two young intercultural programmers trying to solve problem with access to data while interacting in front of computers

DDoS attacks targeting critical infrastructure

NETSCOUT released its 2H2024 DDoS Threat Intelligence Report, revealing how Distributed Denial of Service (DDoS)…
Image Provided by IPSA

IPSA Appoint Frontline Hero as Ambassador

Abdullah, the courageous security officer praised for foiling a horrific knife attack at Leicester Square, has been appointed as…
Rasheed Alzahrani

Big Interview – Rasheed Alzahrani

Rasheed Alzahrani, Director of Safety and Security at King Salman Park Foundation, shares insights into innovative safety and security… 
Copyright: Security Buyer

Perimeter Protection: Balancing Physical and Technology

Joseph Clarke, Assistant Editor advocates for a hybrid approach to balancing physical and technological barriers in perimeter security…
FLIR

Product Spotlight – FLIR

How DP World Yarimca relies on FLIR Security Solutions for efficient and secure port security operations …
Chubbsafes

Chubbsafes Celebrates 190 Years of Heritage, Trust, and Innovation

Chubbsafes proudly marks its 190th anniversary in 2025. Since its first safe patented in 1835, Chubbsafes has become synonymous…
Oil and Gas

Navigating Africa’s Oil & Gas Industry

A comprehensive analysis of security strategies in Africa’s oil and gas industry, covering physical, cyber, and remote surveillance measures.
AI Ethics

AI Ethics in Surveillance

Rebecca Spayne of Security Buyer examines the balance between privacy and security with the growing inclusion of AI and ethical…
Scroll to Top