The Littleton Electric Light and Water Departments has received a cybersecurity industry award for its leadership in raising awareness of the threats posed to municipal utilities by foreign adversaries.
The Massachusetts public power utility LELWD noted that it has has demonstrated leadership in cybersecurity by presenting to its peers at industry events, building strategic public-private partnerships, and sharing hard-earned lessons.
On behalf of LELWD, General Manager Nick Lawler, P.E., accepted the Community Impact Award for “outstanding achievement in safeguarding civilization” from Dragos, a leading industrial cybersecurity firm, at a February 12 event.
The award recognizes LELWD's exemplary efforts in protecting critical infrastructure and contributing to broader community resilience in the face of cyber threats, the utility noted.
“Cybersecurity stands as a paramount concern in our industry, escalating in significance with each passing day,” said Lawler, a past chairman of the American Public Power Association. “Public private partnerships, such as those with Dragos, support through APPA’s cybersecurity programs, and active participation in information-sharing forums have been instrumental in helping us navigate these challenges, share lessons learned, and protect our community.”
LELWD worked with Dragos, EvoLab Technology Solutions, and APPA to boost its cybersecurity after being alerted in November 2023 by the FBI to an intrusion into its computer systems by foreign hackers. No customer data was compromised, and the intrusion posed no immediate threat to the utility’s operating systems.
LELWD was one of about 200 New England organizations similarly affected in 2023, according to information from federal investigators.
By March 2025, LELWD was able to speak publicly about the incident with a goal of educating other utilities of the risk and the available solutions.
Recently, Lawler presented at a conference on cybersecurity lessons learned from LELWD's experiences, offering valuable insights to the assembled experts.
The event was organized by the Electricity Subsector Coordinating Council's Cyber Mutual Assistance Program.
The CMA Program consists of industry cyber experts who provide voluntary emergency cyber assistance to entities in the electric power sector during disruptions. The ESCC is a CEO-level partnership coordinating between the electric power sector and the federal government.
Other presenters included the APPA's Cybersecurity Program Senior Manager Anna Detloff, and Cybersecurity Specialist Christopher Ching who shared lessons from Department of Energy-funded programs: Adrienne Lotto, Senior Vice President of Grid Security, Technical & Operations Services, who provided an overview of the current state of cybersecurity in the industry; and representatives from the National Rural Electric Cooperative Association and Edison Electric Institute.
The conference highlighted the critical role for public-private partnerships and mutual assistance in bolstering cybersecurity for public power utilities, LELWD said.
For example, LELWD -- a small municipal electric utility serving the towns of Littleton and Boxborough, Mass. –- has benefited from its collaboration with Dragos, the cybersecurity firm, which has supported the management of operational technology (OT) sensors deployed with assistance from the APPA.
In May 2024, when Lawler was chairman-elect, APPA secured a $4 million cooperative agreement from the U.S. Department of Energy’s Office of Cybersecurity, Energy Security, and Emergency Response, funded by the Rural and Municipal Utility Cybersecurity Program, under the Infrastructure Investment and Jobs Act of 2021.
This four-year initiative aids small and resource-limited public power utilities in strengthening defenses, enhancing incident response, increasing threat information sharing, and accessing assessments, training, guidebooks, and events.
“Cybersecurity remains front of mind for the public power community, regardless of the size of our member utilities,” said Scott Corwin, President and CEO of APPA. “This agreement with DOE will help bolster the cybersecurity defenses of our members and is the latest example of successful collaboration between APPA, its members and the federal government.”
