Critical Infrastructure Protection & Resilience Asia

Florian Haacke

Florian Haacke
CSO / Head of Group Security

Microsoft Word - CIPRE2016 Speaker Reg_FHaacke.docx

Florian Haacke has been the CSO for RWE since 2013. Major achievements include the centralization and professionalization of the group-wide security organization, which includes Security Technology, BCM and Crisis Management, Guarding, Forensics, Executive and Event Protection, Security Intelligence, Forensics, Cyber Security and IT Security Governance. Through bundling and strengthening the group’s security expertise, Mr. Haacke has managed to establish an integrated approach tackling both physical and cyber security risks. For this approach, RWE Group Security received the Outstanding Security Performance Award 2015.

From 2007 to 2013 he was CSO of METRO GROUP and prior to this he worked for seven years in several senior Security Management positions at Deutsche Post DHL Group. From 2002 to 2007 he was advising the European Commission on aviation security matters on behalf of PostEurop.
Master study in Security and Risk Management in UK.

Major d. R., German Armed Forces, Rapid Reaction Division.

Honorary appointments as President of the Alliance for Security in the Industry (ASW) Northrine-Westfalia, Member of the Security Sub Committee of the Federation of German Industries (BDI), member of the advisory board of the scientific research project “IT security in critical infrastructures”, lecturer for strategic steering of Corporate Security organizations at Frankfurt School of Finance & Management and European Business School. Editor of the online service “” of Richard Boorberg publishing company.


Presentation Title: Business Resilience 2.0 – How to manage the necessary shift from physical to Cyber Security

As one of Europe’s leading energy providers RWE faces a variety of security risks. The convergence of physical and cyber security risks has led to a broad and complex risk landscape. Digitalisation is one major trend in the energy business, which has resulted in a shift from physical to Cyber Security.
The German IT Security Law, adopted on 12th June 2015, requires operators of critical infrastructure to ensure a minimum security standard and establish 24/7 security availability on which reports of critical incidents are captured and sent to relevant governmental bodies. Continuous and successful information sharing with public authorities, such as the Federal Network Agency or the Federal Ministry of the Interior, are a basic and necessary requirement of this.
On a European level the Network and Information Security Directive (NIS) provides legal measures to boost the overall level of cybersecurity in the EU by increasing the cybersecurity capabilities, by enhancing cooperation on cybersecurity and by ensuring a high level of risk management practices in key sectors.
Within this presentation the audience will learn about the requirements of the German IT-Security Law and the European NIS Directive and what it takes to fulfill these. Furthermore, the audience will hear how RWE Group Security is managing the necessary shift from physical to Cyber Security in order to ensure a 360° view on both, physical and cyber security for a critical infrastructure business