Cybersecurity Baselines for Electric Distribution Utilities & DER

The National Cybersecurity Strategy, issued in 2023, directed the U.S. Department of Energy (DOE) to “promote cybersecurity for electric distribution and distributed energy resources (DERs) in partnership with industry, states, federal regulators, Congress, and other agencies.”  Because the responsibility for regulating electric distribution utilities lies with the states, DOE partnered with the National Association of Regulatory Utility Commissioners (NARUC) to prepare a set of cybersecurity baselines for electric distribution systems and distributed energy resources that connect to them. This initiative is intended to identify cybersecurity practices that demonstrably reduce cyber risk to electric distribution systems. Recognizing that states are continuously exploring ways to enhance the reliability, resilience, and security of their critical infrastructures, this initiative also addresses implementation. Such guidance encourages alignment across states who chose to adopt the cybersecurity baselines for their electric distribution utilities. DOE and NARUC formed a steering group comprised of regulators, utility and DER representatives, cyber experts, and other stakeholders, to assist in the development of the cybersecurity baselines and the implementation guidance.  

This initiative is a divided into two phases:

    • Phase 1: vetted set of Cybersecurity Baselines for Electric Distribution Utility systems and the DER that connect to them. Phase 1 is expected to be completed in January 2024.
    • Phase 2: comprehensive Implementation Strategies and Adoption Guidelines that include expert-informed recommendations for prioritizing the assets to which the cybersecurity baselines might apply, based on cybersecurity risk, as well as prioritizing the order in which the baselines might be implemented, based on cyber risk reduction assessments. The guidance will also address risk-based implementation timelines. Phase 2 is expected to be completed in December 2024.

Recent Posts

Latest news from our blog

Sunspec Webinar: SunSpec CSIP 3.0 Webinar

SunSpec CSIP 3.0 Webinar Recap SunSpec leadership provided an in-depth look at the history, current activities, and future developments of the Common Smart Inverter Profile (CSIP). They explained that CSIP originated from a 2017 ruling by the California Public Utility...

SecureG & SunSpec Present 2030.5 PKI Rollout Updates

SunSpec Alliance and SecureG Webinar Announcement: 2030.5 PKI Rollout Updates: Recap The SunSpec & SecureG 2030.5 PKI webinar focused on the rollout and updates of the SunSpec Public Key Infrastructure (PKI). SunSpec Chairman, Tom Tansy, provided an overview of...

SunSpec Alliance is the information standards and certification organization for the Distributed Energy Resource (DER) industry. SunSpec communication standards address operational requirements of solar and energy storage on the smart grid.

Powered By MemberPress WooCommerce Plus Integration