Cyber & Physical Security Resources

Cyber and physical security preparedness is critically important to Florida public power and electric utilities across the state and country as we work together to create a more resilient and secure electric grid.

Below are a variety of resources relating to cyber and physical security preparedness.

Information from the American Public Power Association (APPA)

The American Public Power Association (APPA) helps its member utilities across the country create a more resilient and secure electric grid that is prepared for both cyber and physical threats. Public power utilities are working with their communities, states, and the federal government to ensure compliance with stringent security standards and to manage risk.

• APPA’s Security and Resilience page
  APPA has a number of free and paid resources linked on this page that are available to utilities to evaluate their cybersecurity posture, identify areas for improvement, and develop roadmaps to implement new policies and technologies to improve resilience against potential threat actors.
  
  
• Public Power Cybersecurity Roadmap
  This publication is designed to help utilities take the next step to improve their cybersecurity readiness based on identified needs and priorities in the Scorecard or other assessment tool. APPA has worked with a group of pilot members to develop the Cybersecurity Roadmap, which is available for download here.
  
  
• Public Power Cyber Incident Response Playbook
  The Public Power Cyber Incident Response Playbook walks through the steps and best practices a utility can follow in the event it experiences a cyber incident or attack. The Playbook can be downloaded here.

Electricity Information Sharing and Analysis Center (E-ISAC)

The E-ISAC keeps asset owners and operators informed about cyber and physical threats to the North American bulk power system through around-the-clock situational awareness and expert analysis. E-ISAC membership includes access to the secure online portal where members can voluntarily exchange information and receive access to the latest updates and alerts, including bulletins, white papers, webinars, and conferences. The E-ISAC is open to all electricity asset owners and operators and select government and cross-sector partners in North America. Joining the E-ISAC is free and users can request an account here.

The E-ISAC has published a one-page information sharing guide listing the types of information that should be shared with the ISAC and the best means of doing so. The guide is available here.

U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA)

• DHS Cybersecurity and Infrastructure Security Agency website
• CISA Cybersecurity Information
• CISA Insights
• CISA Ransomware Outbreak 
• CISA Cyber Essentials Starter Kit
• CISA Cyber Essentials Toolkits
• CISA Services Catalog
• CISA Cyber Resource Hub
• CISA Ransomware Guidance and Resources
• CISA and Multi-State Information Sharing Analysis Center Joint Ransomware Guide
• CISA Infrastructure Security Information
• CISA Active Shooter Preparedness
• CISA Unmanned Aircraft Systems – Critical Infrastructure
• CISA Information Sharing
• CISA Pipeline Cybersecurity Initiative 
• CISA Pipeline Cybersecurity Resources Library 

Additional Resources

• Cyber Florida - Florida Center for Cybersecurity
• Cyber Florida - Florida Cyberhub
• Cyber Florida - Guide to Ransomware Prevention
• Cybersecurity for Local Government
• Florida Department of Law Enforcement Florida Computer Crime Center
• Florida League of Cities Cybersecurity for Local Government
• FBI Internet Crime Complaint Center
• Hometown Connections Infographic - Cybersecurity for Community Owned Utilities