The UK energy sector is navigating a period of significant change, both in the regulatory environment and in the nature of the threats it faces.
Ofgem’s proposed expansion of cyber regulations looks set to bring all Ofgem-licensed organisations into scope, representing a substantial shift in the compliance landscape. For many organisations, this will prompt important conversations about readiness, capability, and how to build a credible and sustainable cyber security posture.
The Cyber Assessment Framework (CAF) – set to be further embedded through the incoming Cyber Security and Resilience Bill – is increasingly the standard against which energy sector organisations will be measured, but understanding what genuine adoption looks like, and how to move beyond tick-box compliance, is a pressing challenge for senior leaders across the sector.
At the same time, the threat landscape is evolving at pace. Nation state actors are increasingly leveraging AI to enhance the scale, sophistication, and speed of their attacks, with Critical National Infrastructure (CNI) a prime target. The risk is not static, and neither can the sector’s response be.
This breakfast briefing, in partnership with Waterstons, brings together senior leaders from across the UK energy sector to explore these converging pressures — discussing the practical implications of regulatory change, the realities of the modern threat environment, and what it means to build genuine cyber resilience in one of the UK’s most critical industries.
Speakers tba
