RWE AG PAGE 1 28.05.2015
From crisis anticipation to action
Geneva, Switzerland
RWE Group Security
Florian Haacke
Chief Security Officer/
Head of RWE Group Security
RWE AG PAGE 2 28.05.2015
Content / Agenda
1 RWE Group
2 RWE Group Security
4 Q & A
RWE AG PAGE 2
3 Crisis Anticipation & Management
RWE AG PAGE 3
Hard coal 20% 10 GW
Nuclear 8% 4 GW
Gas 34% 16 GW
~49 GW plant capacity
28.05.2015
RWE Group
Facts & Figures
Other 9% 4 GW
Renewables 7% 3 GW
Lignite 23% 11 GW
1 Electricity
> Number 1 in Germany
> Number 2 in Netherlands
> Number 2 in Hungary
> Number 3 in Slovakia
> Number 4 in United Kingdom
> Number 5 in Poland
> Number 3 in Europe
Gas
> Number 1 in Czech Republic
> Number 1 in Netherlands
> Number 2 in Slovakia
> Number 3 in Germany
> Number 4 in United Kingdom
> Number 3 in Hungary
> Number 5 in Europe
Power plant capacity by technology Market positions by sales
RWE is one of Europe’s five leading electricity and gas companies.
We are active at all stages of the energy value chain.
RWE AG PAGE 4 28.05.2015
RWE Group
Business activities along the value chain
HQ RWE
Raw material production
Power generation Supply & Trading Electricity and gas networks
Electricity and gas supply
1
RWE AG PAGE 5 28.05.2015
Content / Agenda
1 RWE Group
2 RWE Group Security
4 Q & A
RWE AG PAGE 5
3 Crisis Anticipation & Management
RWE AG PAGE 6 28.05.2015
RWE Group Security
Organisational Structure
Group Security
Functional Units
I. Group Security
Concentrates on security governance, strategy,
steering and foresights; will set the overall group-
wide standards
II. Functional Unit (FU) Security Management*
Has one dedicated Security Manager
(eq. to 1 FTE max) who acts as one SPOC and
relationship manager for all security-related issues
(including Information Security) within the FU and
who coordinates the security demand.
III. CoE Security
Bundling of group-wide security expertise and
expert ressources.
CoE serves FU's the expert security supply
(analysis, concepts, tools etc) based on the
demand raised and coordinated by the Fus
Security Managers.
CoE also bundles central security functions which
are mainly operative
Finally, CoE directly steers remaining parts of
internal guards until outsourcing is finalized
Security protection concepts
Information Security & CRITIS
Executive and event protection
Security Reviews & QA
Forensics incl. Cyber/IT forensics
BCM & Crisis Management
Security
Risk Mgmt.
& Foresight
Security
Planning &
Governance
CRITIS
& CISO
Security Operations Center
Access control/ ID-card mgmt
BCM &
Strategic
Crisis M.
Security
Research &
Technology
Security
Awareness
& Change M.
Security Manager
Internal Guard management
Third party security management
2 C
en
ter
of
Exp
ert
ise (
Co
E)
RWE AG PAGE 7 28.05.2015
Content / Agenda
1 RWE Group
2 RWE Group Security
4 Q & A
RWE AG PAGE 7
3 Crisis Anticipation & Management
RWE AG PAGE 8 28.05.2015
Crisis Anticipation & Management
Co-operations and Networks*
* Examples, list is not exhaustive
RWE Group Security regularly shares intelligence regarding emerging
threats with key stakeholders and partners.
3
> Industry
> Authorities > PPP and Associations
RWE AG PAGE 9 28.05.2015
Crisis Anticipation & Management
At example of: Cyber(Security)Hub E
Framework by Cybersecurity Council Germany, hosted by RWE!
2
E Cyberhub
…
…
…
1
24/7
3
RWE AG PAGE 10 28.05.2015
Crisis Anticipation & Management
Central facilities: SOC & CCMR
Security Operations Center Central Crisis Management Room
3
RWE AG PAGE 11 28.05.2015
Crisis Anticipation & Management
Skill comes with practice
Cyber Europe 2014 EU
> Europe’s largest and
most complex cyber
security exercise
organised by ENISA
> >2,000 cyber incidents
> Energy sector as main
target
Gas Plant Staythorpe UK
> Attackers gain access
to controls and switch
off gas supply and site
> Additional pollution of
river
> Streaming on Social
Media
Gas Plant Eemshaven NL
> Occupation of gas plant
by attackers
> Complex legal issues
> Test of new structure,
stakeholder manage-
ment and liaison
between RWE and
authorities
Focus on domestic and international training as well as internal and external
stakeholder management and liaison.
29 Oct 2014
Earthquake TR
30 Oct 2014 09 Feb 2015 09 Jun 2015
TBD TBD
> TBD
> TBD
> TBD
> Evacuation of office
buildings following an
earthquake
> Disruption of electri-
city, communication
and transport
> External attacks
3
RWE AG PAGE 12 28.05.2015
From crisis anticipation to action
Summary
Continuous and foresighted assessment of security risks remains to be the greatest challenge for
all stakeholders. RWE responds with a broad mixture of early warning and risk mapping infrastructure
as well as a strong network and liaison with governmental bodies and the private sector.
Crisis Management at RWE is aligned with core business processes and supported by a centrally
steered but decentrally operated Business Continuity Management.
Centralisation of specialized resources and intelligence is essential for us as it creates synergies that
provide the maximum amount of power and flexibility for crisis anticipation and response.
Top Management commitment is prerequisite for a successful Corporate Crisis Management.
RWE Group Security constantly focuses on positive key stakeholder management, specifically C-Suite.
As governmental crisis anticipation and response capabilities are depending increasingly on
the private sector, companies should be encouraged through incentives rather than restrictive law
regulations. Mutual trust in each other’s abilities is the key for efficiency.
Anticipation and response for an ever-changing and increasing threat environment requires trusted
intelligence sharing as well as collaboration on eye level between governments and the private sector.
3