Cyber & Physical Security Resources

CISA Shields Up

Cyber and physical security preparedness is critically important to Florida public power and electric utilities across the state and country as we work together to create a more resilient and secure electric grid.

Below are a variety of resources relating to cyber and physical security preparedness.

Information from the American Public Power Association (APPA)

The American Public Power Association (APPA) helps its member utilities across the country create a more resilient and secure electric grid that is prepared for both cyber and physical threats. Public power utilities are working with their communities, states, and the federal government to ensure compliance with stringent security standards and to manage risk.

  • APPA’s Security and Resilience page
    APPA has a number of free and paid resources linked on this page that are available to utilities to evaluate their cybersecurity posture, identify areas for improvement, and develop roadmaps to implement new policies and technologies to improve resilience against potential threat actors.

  • Public Power Cybersecurity Roadmap
    This publication is designed to help utilities take the next step to improve their cybersecurity readiness based on identified needs and priorities in the Scorecard or other assessment tool. APPA has worked with a group of pilot members to develop the Cybersecurity Roadmap, which is available for download here.

  • Public Power Cyber Incident Response Playbook
    The Public Power Cyber Incident Response Playbook walks through the steps and best practices a utility can follow in the event it experiences a cyber incident or attack. The Playbook can be downloaded here.
Electricity Information Sharing and Analysis Center (E-ISAC)

The E-ISAC keeps asset owners and operators informed about cyber and physical threats to the North American bulk power system through around-the-clock situational awareness and expert analysis. E-ISAC membership includes access to the secure online portal where members can voluntarily exchange information and receive access to the latest updates and alerts, including bulletins, white papers, webinars, and conferences. The E-ISAC is open to all electricity asset owners and operators and select government and cross-sector partners in North America. Joining the E-ISAC is free and users can request an account here.

The E-ISAC has published a one-page information sharing guide listing the types of information that should be shared with the ISAC and the best means of doing so. The guide is available here.

U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA)
Additional Resources