The National Association of Regulatory Utility Commissioners, in collaboration with the U. S. Department of Energy Office of Cybersecurity, Energy Security, and Emergency Response, on Feb. 22 released a set of cybersecurity baselines for electric distribution systems and distributed energy resources that connect to them.
“This joint initiative recognizes that cybersecurity is an integral underpinning of power system resilience and builds on work that states have undertaken over the last decade to address cybersecurity risks across their critical infrastructures,” NARUC said.
The cybersecurity baselines, coupled with forthcoming implementation guidance, are intended to be resources for state public utility commissions, utilities and DER operators and aggregators.
“These resources encourage alignment across states who choose to adopt the cybersecurity baselines to help mitigate cybersecurity risk and enhance grid security,” NARUC said.
NARUC convened a steering group of regulatory, cyber and industry experts from across the sector to help ensure that a wide range of perspectives were considered during the development phase.
NARUC and DOE will now kick off Phase 2 of the cybersecurity baselines initiative: Developing implementation strategies and adoption guidelines.
This resource will include recommendations for prioritizing the assets to which the cybersecurity baselines might apply, as well as prioritizing the order in which the baselines might be implemented based on cyber risk assessments.
Phase 2 implementation guidance is expected by the end of 2024.
Download and read Cybersecurity Baselines for Electric Distribution Utilities and DER at https://bit.ly/cybersecurity-baselines.