NARUC
Lynn Costantini is the Deputy Director of the NARUC Center for Partnerships & Innovation. Jody Raines is a Senior Cybersecurity Policy Specialist for the NARUC Center for Partnerships & Innovation. Taylor Fitzgerald is a Communications Coordinator for the NARUC Center for Partnerships & Innovation.
Threats posed to energy infrastructure from cybersecurity are prevalent and alarming. The news is rife with headlines of potential attacks and successful compromises of government agencies and private-sector organizations.
Recent advisories by the Cybersecurity and Infrastructure Security Agency, Federal Bureau of Investigation, and U.S. Department of Homeland Security confirm that nation-state threat actors, including Volt Typhoon, are actively seeking to compromise critical infrastructure sectors, especially the electric grid.
The trend is escalating and unlikely to subside. The risks posed to lifeline services directly challenge safe, reliable, and adequate services, which are the mission to provide by public utility commissions across the country.
Public utility commissions play an important role in ensuring the reliable, safe delivery of utility services at reasonable and just rates. As technologies advance and utility business models transform, commissions must be ready to address regulatory challenges, including assuring the utilities they regulate are prepared to identify and mitigate emergent cybersecurity risks affecting critical infrastructure.
A successful cyberattack on a jurisdictional utility could have catastrophic cascading consequences that threaten life. The Colonial Pipeline ransomware attack in 2021 is a reminder that a cyber breach can have dire and compounded consequences.