- Risk Management in Critical Infrastructure Protection: An Introduction for State Utility Regulators (September 2016)
This white paper explores foundational risk management concepts and their application in regulatory decision making that involves critical infrastructure protection.
- Regional Mutual Assistance Groups (RMAGs): A Primer (November 2015)
Electric utilities across the country have been providing mutual aid to each other during emergencies for years. One strategy for communicating and coordinating information as well as tangible resources needed on a wider scale is to use regional mutual assistance groups (RMAGs). This paper explains what an RMAG is, identifies some of the reasons why they are a central mechanism for assuring electric grid reliability and resilience of the power system, and offers suggestions for how a great idea can become stronger.
- Resilience for Black Sky Days (February 2014)
This paper examines resilience as a regulatory term of art and the tools to assess resilience initiatives.
- Resilience in Regulated Utilities (November 2013)
This paper lays the foundation for establishing common definitions and developing a methodology for utility commissioners and others to consider when exploring the regulatory issues surrounding investments in utility resilience.
Energy Emergency Management
- Energy Emergency and Preparedness Data: FAQs and Quick Guidance on Crisis Communications (February 2022)
This guide provides strategies and tactics for building or enhancing criris communications capabilities within PUCs and State Energy Offices.
- Who You Gonna Call? (February 2020)
During this webinar, panelists discussed their experiences coordinating with their state partners during energy emergencies and the methods they use for improving state preparedness. Presentations/ Recording
- State Agency Coordination During Energy-Related Emergencies (June 2019)
This mini-guide outlines organizational models that enable effective coordination, describe their benefits, and highlight how some states have overcome challenges that may inhibit successful coordination. State agencies interviewed for this guide include PUCs, SEOs, and state OEMs.
- Cybersecurity Tabletop Exercise Guide
This guide details the steps that PUCs can take to design, execute, and evaluate a cybersecurity-focused tabletop exercise (TTX). An exercise could examine utilities’ and other stakeholders’ readiness to respond to and recover from a cybersecurity incident or analyze the PUC’s internal capabilities. This guide includes example scenarios and customizable templates.
- Public Utility Commission Participation in GridEx V: A Case Study
This case study examines the experiences of six public utility commissions who participated in GridEx V. It highlights the benefits they perceived as well as the challenges they encountered. The intent of this case study is to pave the way for more PUCs to actively engage in the planning, preparation, and play for GridEx VI, slated to take place in November 2021. Through GridEx, PUCs have the opportunity to build relationships, clarify roles, and strengthen their response capabilities in coordination with key partners.
Advanced Cybersecurity Training for Commission Staff
NARUC, with funding from the Department of Energy, Office of Cybersecurity, Energy Security, and Emergency Response, is offering a limited number of scholarships for advanced cybersecurity training. Training will be provided by the renowned SANS Institute and focus on cybersecurity of operational technologies.
Please visit the application page to learn more and apply. If interested, please submit applications by 5 p.m. ET on March 1, 2024.
Regional Cybersecurity Training for Regulators, April 16-18, 2024, New Orleans, LA
NARUC conducts in-person training events that focus on cybersecurity topics through the lens of a public utility regulator. Subject matter experts, recruited from around the country, make presentations, lead discussions, and offer topical and timely “boots on the ground” perspectives.
Please visit the registration page to learn more and register.
PUC Participation in EarthEx 2020: An Energy Security Exercise EarthEx 2020, June 25, 2020
EarthEx 2020 is a "come as you are" exercise opportunity to test policies and procedures for responding to a long duration power outage, including in-depth discussion on states' roles and responsibilities. Goals of this exercise include increasing understanding and response options in the event of an electromagnetic pulse, cyberattack, and/or global health pandemic.
Presenter: John Heltzel, EIS Council
- Black Sky Exercise, July 2019
Extreme, multi-regional “Black Sky” hazards—from severe weather to rapidly escalating cyber attacks—have the potential to disrupt essential lifeline services that put our Nation’s citizens in peril. This exercise introduced participants to the scale and scope of coordination and collaboration required across federal, state, and local governments, relief agencies, and private sector organizations to plan for and recover from such large-scale, multi-sector, disruptions. The focus was on the role of state public utility commissions before, during, and after a Black Sky event.
NARUC is grateful to the U.S. Department of Energy, Office of Cybersecurity, Energy Security, and Emergency Response for funding that enables the resources and activities described herein.
NARUC also acknowledges key partnerships with the Federal Energy Regulatory Commission (FERC), the Department of Homeland Security (DHS), the National Institute of Science and Technology (NIST), and others who contribute time and expertise in support of the Critical Infrastructure Committee and its goals.