May 2020 – "Evaluating the Prudency of Cybersecurity Investments: Guidelines for Energy Regulators" is a first-of-its-kind resource developed with funding support from the United States Agency for International Development (USAID) under the Energy and Infrastructure Division of the Bureau for Europe and Eurasia.
The guidelines demonstrate the leadership of USAID and NARUC in empowering energy regulators to increase grid resilience by ensuring prudent and effective investments in cybersecurity by their regulated entities, and attempt to answer the following questions:
As power systems across the region continue to modernize, digitize, and integrate, they are increasingly exposed to additional vulnerabilities that can be exploited by cyberattacks. Attacks on the power grid can have devastating effects on a nation’s security, economy, and public welfare, and are a serious threat to all nations worldwide.
While these guidelines were developed for the Europe and Eurasia region, much of their content can be applied universally, and NARUC encourages U.S. regulators and others to look for applicability within their own contexts and environments.
"Evaluating the Prudency of Cybersecurity Investments: Guidelines for Energy Regulators" can be found here.