NARUC cybersecurity guide aims to help regulators develop protocols, recruit security experts
Through a new guide for public utility commissions, the National Association of Regulatory Utility Commissioners (NARUC) Center for Partnerships and Innovation seeks to advise state regulators on cybersecurity necessities, the skill sets needed for success, and recruiting those that can make it happen.
“We all play a role in keeping critical infrastructure cyber secure,” Pennsylvania PUC Chairman Gladys Brown Dutrieuille, chair of NARUC’s Committee on Critical Infrastructure, said. “As regulators, it is incumbent on us to engage our utilities and other key stakeholders on cybersecurity matters for this purpose. We must understand the evolving threats and vulnerabilities as well as the risk mitigation options that are available.”
“Recruiting and Retaining a Cybersecurity Workforce” marks the sector’s response to a threat that is only becoming more prevalent with time. As the energy sector has gone increasingly digital to boost reliability and resilience, it has also opened itself more wholly to hackers. With more access points than ever, the report noted, if critical operating systems are penetrated, lasting, long-term damage could be inflicted on the larger system.
Utility regulators tend to lack the cybersecurity professionals and budgets they need to tackle the new threats, according to NARUC. Thus, the guide focuses on how public utility commissioners can develop or expand cybersecurity proficiencies with what they have. It explains how cybersecurity experts tend to function in a PUC environment and identifies the skill sets needed to be effective. It also goes over recruitment and retention efforts.
