REGULATORY FRAGMENTATION AND HARMONIZATION CHALLENGES IN ENERGY SECTOR CYBERSECURITY LAW
Kalit so‘zlar:
regulatory fragmentation, cybersecurity law, energy sector, harmonization, critical infrastructure, governance frameworks, compliance burdens, international cooperation.Avstrakt
This study examines the complex landscape of regulatory fragmentation affecting cybersecurity governance in the energy sector, analyzing the challenges posed by overlapping jurisdictions, inconsistent standards, and competing regulatory frameworks. Through comprehensive analysis of national and international cybersecurity regulations, this research investigates how regulatory fragmentation undermines effective cyber risk management in critical energy infrastructure and explores potential pathways toward harmonized governance approaches. The findings reveal that current regulatory fragmentation creates compliance burdens, security gaps, and operational inefficiencies that compromise the overall cybersecurity posture of energy systems. The study demonstrates that while individual regulatory frameworks may be well-intentioned, their lack of coordination results in contradictory requirements, duplicative oversight, and inadequate protection of interconnected energy infrastructure. These findings have significant implications for energy security, international cooperation, and the development of coherent cybersecurity governance frameworks that can address the transnational nature of cyber threats while respecting national sovereignty and sectoral specificities.
##submission.citations##
Bompard, E., Huang, T., Wu, Y., & Cremenescu, M. (2019). Classification and trend analysis of threats origins to the security of power systems. International Journal of Electrical Power & Energy Systems, 108, 614-626.
Bronk, C., & Tikk-Ringas, E. (2013). The cyber attack on Saudi Aramco. Survival, 55(2), 81-96.
Campos-Náñez, E., Garcia, A., & Li, C. (2018). A game-theoretic approach to efficient power management in sensor networks. Operations Research, 56(3), 552-561.
European Union Agency for Cybersecurity. (2020). Guidelines on security measures under the NIS Directive. Publications Office of the European Union.
Falco, G., Caldera, C., & Shrobe, H. (2018). IIoT cybersecurity risk modeling for SCADA systems. IEEE Internet of Things Journal, 5(6), 4486-4495.
Hathaway, M., Demchak, C., Kerben, J., McConnell, B., & Sullivan, J. (2020). Cyber readiness index 2.0: A plan for cyber readiness. Potomac Institute for Policy Studies.
International Energy Agency. (2021). Cyber resilience in the electricity ecosystem. IEA Publications.
Klimburg, A. (2021). The darkening web: The war for cyberspace. Penguin Books.
Leskin, S., Hastings, J., & Haga, R. (2020). Smart grid cybersecurity: A survey of solutions and challenges. Computer Networks, 169, 107094.
National Institute of Standards and Technology. (2018). Framework for improving critical infrastructure cybersecurity (Version 1.1). NIST Cybersecurity Framework.
North American Electric Reliability Corporation. (2019). CIP standards and cyber security. NERC Publications.
Sapkota, N., Khanal, A., & Singh, K. (2021). Cybersecurity challenges and opportunities in the smart grid. Renewable and Sustainable Energy Reviews, 144, 111020.
Tikk-Ringas, E. (2016). Developments in the field of information and telecommunications in the context of international security. Computer Law & Security Review, 32(5), 768-777.
U.S. Department of Energy. (2020). Cybersecurity capability maturity model (Version 2.1). DOE Office of Cybersecurity, Energy Security, and Emergency Response.
Zetter, K. (2014). Countdown to Zero Day: Stuxnet and the launch of the world's first digital weapon. Crown Publishers.
