Core Sector: Critical Infrastructure and Cybersecurity

International Best Practices in Cybersecurity

Cybersecurity Initiative Toolkit (2017-2020)

These publications are resources that regulators can use to help improve energy sector resilience in alignment with international best practices and in the context of their respective priorities and needs. They were initially developed for regulators in Europe and Eurasia to reinforce their knowledge of cybersecurity solutions and preparedness in the face of ongoing threats within their energy sectors. U.S. regulators can also benefit from learning more about international regulatory strategies and practices for addressing energy sector cyber preparedness, evaluating cybersecurity investments, and more.

This guide was developed to provide information and lessons learned to support Black Sea regulators, and others, in developing their own commissions’ cybersecurity strategies. Drawing from experiences and best practices from U.S. state-level regulatory commissions and elsewhere, this document has been designed to cover the important issues and questions that regulators should address as they begin the process of developing their unique cybersecurity strategies.

This evaluative framework is an easy-to-use tool for regulators to evaluate utilities’ cybersecurity preparedness. It is designed to provide a structured way for regulators to assess what level of cyber preparedness utilities have reached and identify areas for improvement.

This guide was initially developed for regulators in Europe and Eurasia to reinforce their knowledge of practical cybersecurity solutions in the face of ongoing threats within the energy sector. However, the questions of how to evaluate risks, assess mitigation measures, and select standards are relevant for regulators around the world.

These guidelines were developed to assist regulators in ensuring that investments made in the name of cybersecurity are reasonable, prudent, and effective. They are intended to assist regulators in defining tariffs by establishing a regulatory approach to enhance the cybersecurity stance of their power systems and are based on literature and current practices.

The goal of this primer is not to rank maturity models against each other, but to provide an understanding of their fundamental principles so that the greatest benefit can be realized from their use. This will permit regulators to work efficiently and effectively with utilities on the subject of cybersecurity regardless of the cybersecurity model that is selected for use, whether by the regulator or the utility.