NARUC, DOE release cybersecurity baselines for electric distribution systems and DER energy sources
Reckoning with growing cybersecurity concerns worldwide, the National Association of Regulatory Utility Commissions (NARUC) and the U.S. Department of Energy (DOE) recently published cybersecurity baselines for both electric distribution systems and distributed energy resources (DER) connected to them.
“Addressing cybersecurity is essential as electric distribution systems continue to evolve, spurred by new technologies and operational models, as well as the ever-increasing threat of cyber attacks,” NARUC Executive Director Greg White said. “This NARUC/DOE initiative complements ongoing industry and government efforts by providing cybersecurity baselines, tailored for electric distribution systems and the DER that connect to them, that provide a common starting point for cyber risk reduction activities.”
The joint guidance focused on state public utility commissions, utilities, and DER operators and aggregators and was meant to be coupled with upcoming implementation guidance. They firmly establish cybersecurity as a critical foundation of power system resilience and builds on work across various states. A steering group of regulatory, cyber, and industry experts from across the sector contributed to the baselines.
With these items in hand, NARUC and DOE have begun on the second phase of their cybersecurity baselines initiative, which will focus on the development of implementation strategies and adoption guidelines. This will include recommendations for prioritizing the assets in which the baselines could apply, along with the order to which they might be implemented based on cyber risk assessments. That should follow by the end of the year.
