“Cybersecurity, Part 2: Opportunities and Challenges for State Utility Regulators”
Public Utilities Fortnightly 03/01/17 Sherina Maye Edwards
Below is an excerpt:
In Part I of this article, which appeared in February's PUF, the authors examined the evolving role of state regulators in addressing cybersecurity in the energy sector. While state commissioners have not traditionally regulated this area, many are now grappling with the proper role to play. Part II surveys best practices in various locations and recommends methods for developing regulatory procedures that will ensure the security of critical energy assets.
These include asking whether the utility prioritizes controls, assets and C-suite involvement; converges technical controls with IT controls; implements test and drill measures; creates a culture of security; willingly shares threat information regarding its regulators and industry counterparts; and ensures regular audits.