Cyber security and resilience in the energy sector in the Nordic region

On behalf of the Crescendo initiative, the Research Council of Norway welcomes applications for projects aimed at strengthening cybersecurity resilience across the Nordic energy sector. With a focus on cross-border collaboration, innovation, and capacity building, this call targets the unique cybersecurity challenges faced by energy organisations, particularly of IT and OT systems. 

We will fund high-impact projects that deliver tailored cybersecurity services, address critical skills gaps and help align industry practices with EU frameworks, such as the NIS Directive and the Critical Entities Resilience (CER) Directive. Projects should demonstrate practical value and potential for adoption across the energy sector. 

Background 

The energy sector is facing growing cybersecurity challenges. Highly connected and increasingly digital, even small, local operations can trigger large-scale consequences across national borders. As Europe accelerates its green transition, the need for secure, reliable, and resilient energy systems has never been more urgent. 

CRESCENDO puts the Nordic region in the spotlight—not just for its advanced and diverse energy systems, but for its unique potential to drive innovation in cybersecurity. With energy production spanning hydropower, wind, offshore, nuclear and solar power, the region offers a real-world testbed for securing complex and decentralised infrastructures.  

Importantly, the Nordic countries bring a proven culture of cross-border collaboration, high trust and shared policy implementation, creating a strong foundation for piloting innovative solutions. Their heterogeneous environments expose a wide range of vulnerabilities, making lessons learned here highly relevant for Europe's broader energy landscape. The Nordic electricity system, among the most digitalised in the world, offers a unique opportunity to develop and test forward-looking solutions. Proposals may leverage this position to create models and practices with potential for replication across Europe. 

By addressing these challenges through research and innovation, CRESCENDO aims to deliver insights, tools, and approaches that strengthen cybersecurity across Europe—supporting the green transition and securing our shared energy future. 

Thematic framework 

We invite applicants to consider one or more of the following aspects in proposals: 

Risk Assessments 

Development of tailored risk assessment methodologies that address the unique characteristics of IT/OT convergence in Nordic electricity grids and production systems. 

Frameworks for assessing the impact of cyber incidents on grid reliability, safety, and continuity of service. 

New tools and metrics for evaluating cyber maturity in OT environments, including legacy systems. 

Sector-specific risk scenarios that incorporate geopolitical, supply chain, and technological dependencies. 

Penetration Testing 

Safe and controlled testing methodologies for conducting penetration testing on operational environments without disrupting live grid operations. 

New tools and techniques designed specifically for simulating cyberattacks against OT protocols and ICS components. 

Validation environments (such as "digital twins") that enable realistic testing of cyber-physical attack vectors. 

Guidelines and standards for integrating penetration testing into regular security audits and compliance processes in the energy sector. 

Threat Modelling 

Threat modelling approaches that reflect the hybrid nature of cyber-physical systems and the cascading effects of OT compromise. 

Updated threat intelligence models tailored to the evolving tactics of adversaries targeting energy infrastructure (e.g., APTs, ransomware-as-a-service). 

Dynamic threat modelling tools that adapt to system changes, configurations, and newly discovered vulnerabilities. 

Methods for incorporating insider threats, human error, and social engineering into technical threat models. 

Expected impact and outcomes 

We encourage you to develop proposals that directly respond to the critical vulnerabilities and needs of today’s digitalised electricity systems in the Nordic region. The focus of this call lies at the intersection of Information Technology (IT) and Operational Technology (OT 

Modern electricity grids rely increasingly on smart technologies, IoT devices and remote management. This digital transformation creates more efficiency but also introduces serious cybersecurity risks. Where OT systems once operated in isolated environments, they are now deeply integrated with IT networks — exposing critical physical infrastructure to digital threats. 

We seek projects that address this evolving threat landscape and propose concrete, scalable solutions for hybrid scenarios and malicious cyberattacks, such as Advanced Persistent Threats (APTs), ransomware and supply chain vulnerabilities. 

Projects that receive funding are expected to: 

• Enhance cyber resilience, especially among SMEs, reducing vulnerabilities and risk of cascading failures in the energy grid. 
• Support the adoption of practical cybersecurity tools such as OT monitoring, penetration testing, and risk assessments. 
• Develop critical IT/OT competencies and close existing skills gaps through targeted capacity building. 
• Improve preparedness and response capabilities by integrating cybersecurity into emergency planning and joint exercises. 
• Promote alignment with NIS and CER directives, ensuring compliance and strengthening regulatory readiness. 
• Facilitate cross-border collaboration, knowledge sharing, and co-creation of scalable, repeatable cybersecurity solutions. 

The call for proposals is available in English only. The English call text is legally binding.

This call addresses various areas within cyber security, particularly those noted above. We accept applications for funding for both applied research and innovation, with a focus on the energy sector.