Cybersecurity and Physical Security
The American Public Power Association is helping member utilities across the country create a more resilient and secure electric grid that is prepared for both cyber and physical threats. Public power utilities are working with their communities, states, and the federal government to ensure compliance with stringent security standards and to manage risk.
The video below provides some quick tips for improving basic cybersecurity practices in the workplace.
The Association has a number of free and paid resources available to utilities to evaluate their cybersecurity posture, identify areas for improvement, and develop roadmaps to implement new policies and technologies to improve resilience against potential threat actors. Resources include:
- Public Power Cybersecurity Scorecard: The Scorecard is an online self-assessment tool to gauge your utility’s security posture. Based on the DOE Electricity Subsector Cybersecurity Capability Maturity Model (ES-C2M2), the scorecard provides a starting point to address cyber risks.
- Public Power Cybersecurity Roadmap: The Cybersecurity Roadmap provides a framework for utilities to develop and implement improvements to their security state based on the assessment provided by the Cybersecurity Scorecard.
- Public Power Cyber Incident Response Playbook: The Cyber Incident Response Playbook provides step-by-step guidance for utilities to prepare a cyber incident response plan, including industry and government partners with available resources and the process for requesting cyber mutual aid from other utilities.
- Managed Cybersecurity Service Providers Guide: The Service Providers Guide lists cybersecurity vendors that utilities can evaluate to meet their various cybersecurity service requirements.
- Joint Action Agency Cybersecurity Services Plan: The JAA Cybersecurity Services Plan lays out a business case for offering cybersecurity services to JAA members, including a breakdown of which services might be most effectively provided at the JAA level.
Many of these programs were funded through the Cybersecurity for Energy Delivery Systems (CEDS) cooperative agreement between the Association and the U.S. Department of Energy to help public power utilities create stronger, more secure systems. Learn more about the CEDS program.
Check here for member resources to help research, deploy, and integrate the latest security technologies.