Public Power Daily Logo

Crisson outlines public power cybersecurity initiatives


From the October 1, 2013 issue of Public Power Daily

Originally published October 1, 2013

In recognition of October being cybersecurity month, APPA President and CEO Mark Crisson updated APPA members on the association’s new Cyber and Physical Preparedness Committee and other cyber-related activities. In a Sept. 30 email, Crisson also provided links to several tools that public power utilities can use to educate local government authorities,  customers and the news media on what they are doing to protect themselves from cyber attacks.

The recently formed Cyber and Physical Preparedness Committee is now fully operational and meets regularly, Crisson said. The committee, comprised of members of various sizes, geographic locations and types, along with APPA staff, was formed in response to a collective recognition that "a more concerted effort needs to be placed on protecting our infrastructure from attacks, whether cyber or physical in nature," he said.

In addition, APPA staff continue to monitor the North American Electric Reliability Corp.’s Critical Infrastructure Protection (CIP) standards and are closely following the Obama administration’s efforts to carry out the president’s Executive Order 13636 on Cybersecurity and Presidential Policy Directive-21, Crisson said. APPA also has worked closely with the Department of Energy to develop and apply DOE’s voluntary Electricity Subsector Cybersecurity Capability Maturity Model (ES-C2M2), which public power utilities can use to identify cyber-related areas in which they are strong as well as areas where improvements can be made.

APPA is involved in an effort, led by the Department of Homeland Security, to update the Critical Infrastructure National Plan, which is designed to protect our national infrastructure from both cyber and physical threats.

Working closely with others in the electric sector, APPA continues to advocate limited and targeted legislation related to cybersecurity, Crisson said. That approach would enhance information-sharing between critical infrastructure sectors and the federal government while at the same time ensuring that the existing NERC standards are maintained rather than duplicated or undermined, he said.

While APPA members and staff are actively engaged in protecting both physical and cyber assets, "we need to be doing more to educate our local stakeholders and local media on these protection efforts," Crisson said. His email provided links to several APPA resources on cybersecurity:

  • Cybersecurity Essentials–A Public Power Primer – A guidebook to help provide public power utilities gain an overview of the importance of cybersecurity and provide pragmatic recommendations to protect their systems. The publication is meant to be used by senior management, utility boards and city councils and is available in the APPA Product Store.
  • Reliable Public Power Provider (RP3) Program – Utilities applying for recognition under APPA’s RP3 program are required to address cybersecurity at their utilities. The program encourages utilities to develop a cybersecurity policy, provide cyber awareness training, and conduct periodic cybersecurity assessments.
  • Cybersecurity Awareness Training – The APPA Academy is offering a four-part webinar series that will cover key areas of cybersecurity that every member of a utility’s staff can learn from and apply to their daily jobs.
  • APPA’s Security Listserv – This listserv provides important alerts from the Electricity Sector Information Sharing Analysis Center, United States Computer Emergency Readiness Team, unclassified notes from secured Department of Homeland Security briefings, and others.

Crisson also included a fact sheet that provides background on what APPA has done and continues to do in the area of cybersecurity. He encouraged members "to add to this document information on what your utility is doing locally on this issue and send it to your local media, local government officials and other stakeholders so they become more aware of the immense collaborative efforts being undertaken by public power and the industry generally on this critical issue."

 

Ratings

Be the first to rate this item!

Please Sign in to rate this.

Comments

  Add Your Comment

(1000 of 1000 characters remaining)

Senior Vice President, Publishing 
Jeanne Wickline LaBella
202/467-2948
JLaBella@publicpower.org

Editorial Director
Robert Varela
202/467-2947
RVarela@publicpower.org

Editor, Public Power Daily
Jeannine Anderson
202/467-2977
JAnderson@publicpower.org

Communications Assistant
Fallon W. Forbush
202/467-2958
FForbush@publicpower.org

Manager, Integrated Media 
David L. Blaylock
202/467-2946
DBlaylock@publicpower.org

Integrated Media Editor 
Laura D’Alessandro 
202/467-2955 
LDAlessandro@publicpower.org