This playbook provides public power utilities with step-by-step guidance and critical considerations in preparing for a cyber incident and developing a response plan that enables staff to take swift, effective action.
The playbook helps public power utilities think through the actions needed in the event of a cyber incident, clarifies the right people to engage in response to cyber incidents of different severity, and offers advice and templates to coordinate messaging about the incident.
The playbook:
- Provides guidance to help a utility develop its cyber incident response plan, including identifying processes and procedures for detecting, investigating, eradicating, and recovering from a cyber incident.
- Maps out the industry and government partners that public power utilities can engage during a significant cyber incident to share information, get support for incident analysis and mitigation, and coordinate messaging for incidents that require communication with customers and the public.
- Outlines the process for requesting cyber mutual aid for an incident that significantly disrupts utility business or operational energy delivery systems and overwhelms in-house cyber resources and expertise.
This material is based upon work supported by the Department of Energy under Award Number(s) DE-OE0000811.