Manage risk

New challenges, same priority

In a world that is constantly changing, digitalisation, technological advances and smart grids have created new opportunities, but that also brought new challenges that we face with the same security.

Cybersecurity
Fraud attempts

Nowadays, where people, companies and businesses are increasingly digitally connected, it is essential to ensure the security of information and infrastructures.

Cybersecurity is playing an increasingly important role in protecting sensitive information and technologies that are fundamental pillars of our business, namely the critical digital infrastructures that support the operation of the electricity grid, essential for the functioning of society.

In cyberspace, as in the physical world, prevention is an essential part of ensuring security. Educating the community on the importance of the topic, becoming an obstacle to these threats, and conducting tests to identify possible vulnerabilities are two relevant examples of how to act preventively.

Remove Margins
Remove Top margin of the component
Remove Bottom margin of the component
Cybersecurity aims to ensure the following properties of information:
Remove Margins
Remove Bottom margin of the component
in the middle, title above
Background 01 - Card White
Confidentiality

The information is not disseminated inappropriately.

Integrity

The prevention against unauthorized modification and/or destruction of information.

Availability

The accessibility of information where and when it is needed and without undue delay.

Our commitment

At E-REDES we are committed to working to be at the forefront and ensure the security of our customers and our network.

Central focus on cybersecurity
 

We reduce the threat level

Digitalisation processes bring with them an increasing concern to increase the focus on cybersecurity. Any power outage can have significant impact on society and the economy. 

We make smart grids smarter

Over the past few years, we have been working to ensure the highest security standards for our smart grids. We have set up a training centre to prepare our professionals to respond promptly to any threat, and we continuously do cybersecurity tests to quickly detect and correct any vulnerability in our infrastructure. In addition, we have a dedicated team in our Integrated Supervision Centre, which monitors our network 24 7.

We are pioneers in protecting the future

We want to be at the forefront and that is why we are involved in European initiatives that lead the way in addressing cybersecurity concerns. E-REDES is one of the 12 founding members of the European Energy - Information Sharing & Analysis Centre (EE-ISAC), a taskforce initiative of the electricity sector for an international collaboration focused on the security and resilience of the European energy infrastructure against cyberattacks; and we are a member of the ENCS association, which brings together cybersecurity operators and experts in the development of cybersecure critical energy infrastructures.

Remove Margins
Remove Bottom margin of the component
Information Security Policy

Information, regardless of whether it is digital or physical, is a fundamental strategic component of E-REDES' business. The scope of Information Security Management is to protect people, IT assets and the information they generate and process, covering all the information within the scope of the Information Security Management System (ISMS) managed by E-REDES. To this end, we have developed an Information Security Policy, aligned with the ISMS, in which the E-REDES Board of Directors defines the strategic objectives of Information Security and the respective tactical objectives.

Translated with DeepL.com (free version)

1. Adopt best cybersecurity practices in line with the EDP Group
  • Ensure compliance with reference standards, including legal and regulatory obligations
  • Contribute to consolidating the EDP Group's commitment to Information Security
  • Boosting the maturity and continuous improvement of the organisation's cybersecurity
2. Manage cybersecurity risks throughout the life cycle of information assets
  • Ensuring the availability, integrity and confidentiality of information
  • Leading the implementation of cybersecurity principles
  • Promoting the organisation's commitment to Information Security
  • Managing Information Security in the Supply Chain     
3. Strengthen cybersecurity operations and ecosystem, with a focus on IIMC
  • Evolving cybersecurity platforms, aiming to adopt cutting-edge technology
  • Ensure efficient prevention, detection, response and recovery from Information Security incidents
  • Ensuring alignment with business continuity objectives
4. Promote a transversal and participatory cybersecurity culture
  • Train and encourage employees to act as the first line of defence
  • Challenge top management to promote a lead-by-example culture
  • Provide differentiated cybersecurity training according to employees' level of risk
  • Develop comprehensive and innovative communication initiatives
5. Boost the cybersecurity maturity of the sector and society
  • Establishing and strengthening national and international information-sharing partnerships
  • Benchmarking best practices in the sector
  • Enable the detection and response to potential attacks through advance knowledge of peer incidents

1
2
Fundamental Axes

A good cybersecurity strategy should consider multi-layered mechanisms and controls, following the principles of in-depth defence.

From the protection of computers and networks to the programs and data you want to keep secure, we monitor the progress and recommendations that exist in the area, defining strategic cybersecurity objectives. People, processes and technology must complement each other to ensure organisations can defend effectively against cyberattacks.

 

Remove Margins
Remove Bottom margin of the component
in the middle, title above
Background 01 - Card White
People

Users should adhere to basic data protection principles such as choosing strong passwords, keeping an eye on the emails they receive, and backing up the relevant information.

Processes

The implementation and exercise of processes allows the consolidation and systematisation of the security strategy of any organisation, helping to prevent, detect and respond to cyberattacks and ensure the resilience of operations.

Technology

Essential for ensuring the protection of organisations and people in a digital environment. Securing computers and networks with the right hardware and software is one of the first barriers to protecting against unwanted attacks.

E-REDES FIVE GOLD RULES OF CYBERSECURITY
Be vigilant!

Whether in emails or in your web browser, never click on links or open attachments of dubious origin.

Always check that the domains of the senders of the emails you receive are related to the entity sending them.

Check that the websites you access start with https://.

Around 80% of cyber-attacks start through phishing, a cyber-crime that consists of distributing emails with links to fake websites (banking institutions, social networks or others), to obtain personal data from users through update requests.

ciberseguranca-esteja-vigilante.png
E-REDES FIVE GOLD RULES OF CYBERSECURITY
Use strong passwords and do not reuse them

Ideally, your password should consist of several types of characters, such as letters (lower and upper case), numbers and special characters.

Avoid including names, dates and document numbers.

Do not share your password, do not have it written down and do not use the same one for different logins, because if someone finds it for one account, they will be able to access all the others.

The passwords "123456", "password" and "qwerty" are some of the most commonly used passwords in the world. They are dangerous because they are not very complex and quite common.

ciberseguranca-passwords-fortes-v2.jpeg
E-REDES FIVE GOLD RULES OF CYBERSECURITY
Lock your device whenever you are away

Never leave your device without locking it, whether it's your computer, phone or tablet.

Set an automatic lock time for your device. That way, even if you forget to do so, the device will lock itself after that time (e.g. 30 seconds).

Leaving your device unlocked can allow important information to be stolen by third parties.

ciberseguranca-bloqueie-o-pc.png
E-REDES FIVE GOLD RULES OF CYBERSECURITY
Do not connect unknown devices

Be careful with the devices you connect to your computer. Viruses can be spread using infected USBs, external disks or cell phones.

Similarly, don't connect your USB or external disk to devices you don't know or that are used by many people.

ciberseguranca-nao-conecte-dispositivos-desconhecidos.png
E-REDES FIVE GOLD RULES OF CYBERSECURITY
Make backups regularly

Save the most important information on an external device or cloud drive. That way, if anything happens to your computer or the device that holds your data, you'll have a backup of what you need.

ciberseguranca-backups.png