Cyber and Physical Security

Public power utilities across the country are working to create a more resilient and secure electric grid that appropriately manages the risk from a range of threats. By working with APPA, their communities, states, and the federal government, utilities are improving their physical and cyber security postures to continue providing safe, reliable, and affordable energy.

Cybersecurity Programs

Public power utilities are faced with an increasingly hostile threat landscape that requires action to improve their cybersecurity maturity and posture. APPA obtained over $25 million in funding for its members through cooperative agreements with the Department of Energy’s office of Cybersecurity Energy Security, and Emergency Response to help utilities enhance collective defense, deploy operational technology, conduct baseline assessments, receive technical assistance, and more. Contact our team at Cybersecurity@PublicPower.org to request to participate.

• ICS CyberShield supports deployment of OT cybersecurity sensors at public power utilities that serve 50,000 meters or more. To date, 26 public power utilities have received almost $5 million for these projects. Support is still available for eligible utilities interested in deploying various technologies to enhance the security of their OT and ICS networks.
• OT Insight supports small public power utilities in improving cybersecurity maturity, including through evaluating the capabilities and suitability of various OT sensors. APPA awarded $2.3M to 10 utilities to deploy 5 sensor technologies. The program is fully enrolled at this time, however, interested utilities can contact APPA to demonstrate the demand for further funding. APPA is also developing a data aggregation platform to share anonymized threat information across vendors for further analysis and dissemination, and welcomes utility participants in the data sharing working group.
• Cyber Pathways is a four-year effort targeted on improving cybersecurity maturity by first baselining public power’s cybersecurity posture and then helping utilities to improve their readiness through cybersecurity training, participating in information sharing and incident response organizations, and getting recognized for implementing best practices. While the focus of this program is on small public power utilities, public power utilities of all sizes and maturity levels are welcome to participate.

Cybersecurity Defense Community

Public power professionals tasked with defending their utility’s systems from cyber threats are encouraged to join APPA’s Cybersecurity Defense Community. Members of the CDC:

•  Get updates on the latest cybersecurity alerts, trends, tools, resources, and events of note in monthly virtual meetings.
• Collaborate and communicate with their peers in a safe space, including in a private group on APPA Engage.
• Share best practices and discuss common challenges.

Only individuals from APPA member utilities, joint action agencies, and state associations are eligible to join the CDC. No vendors, regulators, or other external stakeholders may participate in the CDC. CDC participants sign and submit a non-disclosure agreement and a code of conduct agreement when joining to enable honest conversations and to ensure participants can freely share appropriate information with the community.

Request to join the CDC

If other individuals in your organization are already part of the CDC and you want to join the meetings or the APPA Engage group, contact Cybersecurity@PublicPower.org.