Cybersecurity Policy and Practice - NARUC

center for partnerships & innovation

Cybersecurity

Cybersecurity

Cybersecurity Policy and Practice

The links on this page offer a sampling of resources that describe strategies, tactics, and tools used by government and industry to minimize cybersecurity threats and vulnerabilities to critical infrastructure in the U.S.. This collection provides key foundational materials that may be valuable for NARUC members, but it is not exhaustive.

Quick Links

Defense Energy Resilience Key Resources Guide, October 2022

Supporting FAQs for Commissioners on Defense Energy Resilience Topics, October 2022

Workforce Development Toolbox, September 2022

Cyber Incident Notification Requirements by State, July 2022

Valuing Resilience for Microgrids: Challenges, Innovative Approaches, and State Needs, February 2022

Federal Funding Opportunities Guidebook, October 2021

Regulatory Considerations for Utility Investments in Defense Energy Resilience, October 2021

NARUC Cybersecurity Manual

Executive Orders and Federal Doctrine

Cybersecurity Frameworks and Standards

Cybersecurity Assessment Tools

Cybersecurity Capability Maturity Model (C2M2) Version 2.0(DOE)
Cyber Security Evaluation Tool (CSET) (DHS)
Cyber Resilience Review (DHS)

Cyber Workforce

Other Links

Defending Against Software Supply Chain Attacks, April 2021 (DHS/CISA, NIST)
Key Practices in Cyber Supply Chain Risk Management: Observations from Industry February 2021 (NIST)
Ransomware Guide 2020(DHS CISA/MS-ISAC)
Cybersecurity Legislation 2020 (NCSL)
Cybersecurity Best Practices for Industrial Control Systems (DHS/CISA)
Security Tip (ST18-007): Questions Every CEO Should Ask About Cyber Risks (DHS/CISA)
MITRE Att@ck
Model Procurement Contract Language Addressing Cybersecurity Supply Chain Risk – Version 1.0 (EEI)
CRITICAL INFRASTRUCTURE PROTECTION: Actions Needed to Address Significant Cybersecurity Risks Facing the Electric Grid (GAO)