Cybersecurity: The State Regulators’ Perspective

Slides:



Advertisements
Similar presentations
AFCEA DC Cyber Security Symposium Military Joint Cyber Command Panel Harry Raduege Lieutenant General, USAF (Ret) Chairman, Center for Network Innovation.
Advertisements

Homeland Security at the FCC July 10, FCCs Homeland Security Focus Interagency Partnerships Industry Partnerships Infrastructure Protection Communications.
Research Administration Capacity Building in an Established Institution Presenter: M.M.Aboud, MD Director of Research and Publications, MUHAS.
USG INFORMATION SECURITY PROGRAM AUDIT: ACHIEVING SUCCESSFUL AUDIT OUTCOMES Cara King Senior IT Auditor, OIAC.
NOTE: To change the image on this slide, select the picture and delete it. Then click the Pictures icon in the placeholde r to insert your own image. Cybersecurity.
Department of Environmental Quality Environmental Management System Overview.
1 Pipeline Security Presented to: Pipeline Safety Trust New Orleans, Louisiana November 5, 2010.
The UK Space Agency: Our plan for space Dr Alice Bunn, Director of Policy November 2014.
National Infrastructure Protection Plan
WebCast 5 May 2003 NERC Cyber Security Standard Overview of Proposed Cyber Security Standard.
Speaker: Tamar Shapatava
Framework for Improving Critical Infrastructure Cybersecurity NIST Feb 2014.
1 Federal Communications Commission Public Safety and Homeland Security Bureau NARUC Summer Committee Meetings Dallas, Texas July 13, 2014 Clete D. Johnson.
Industrial Railways: An Emerging Sector Presentation to the Industrial Railway Safety Conference Michael Bourque President and C.E.O. of the Railway Association.
Jeffery J. Gust IOWA INDUSTRIAL ENERGY GROUP FALL CONFERENCE Tuesday, October 14, 2014 MidAmerican Energy Company.
Challenge Questions How good is our strategic leadership?
1 Webinar on: Establishing a Fully Integrated National Food Safety System with Strengthened Inspection, Laboratory and Response Capacity Sponsored by Partnership.
Consultancy.
Don Von Dollen Senior Program Manager, Data Integration & Communications Grid Interop December 4, 2012 A Utility Standards and Technology Adoption Framework.
Overview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013 DRAFT.
Nuclear Power Plant/Electric Grid Regulatory Coordination and Cooperation - ERO Perspective David R. Nevius and Michael J. Assante 2009 NRC Regulatory.
Evaluation in the GEF and Training Module on Terminal Evaluations
BOTSWANA NATIONAL CYBER SECURITY STRATEGY PROJECT
The Drivers of Audit Quality Culture within firm Skills and qualities of partners and staff Audit Quality External factors Reliability and usefulness of.
Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.
FERC’s New Reliability Initiatives Kevin Kelly Director, Policy Analysis, OMTR Federal Energy Regulatory Commission NARUC Annual Meeting Nashville, TN.
2 ictQATAR “ Information and Communication Technology (ICT) improves how we live and work in countless ways.”  The Ministry of Information Communication.
Overview of WECC and Regulatory Structure
WebCast 5 May 2003 Proposed NERC Cyber Security Standard Presentation to IT Standing Committee Stuart Brindley, IMO May 26, 2003.
Business Continuity Program Orientation (insert presentation date) (This presentation is a template that requires adjustments to meet your needs)
1 RIC 2009 Cyber Security at Nuclear Facilities Scott A. Morris Office of Nuclear Security & Incident Response March 11, 2009.
ERCOT IT Update Ken Shoquist VP, CIO Information Technology Board Meeting February 2004.
CBIZ RISK & ADVISORY SERVICES BUSINESS CONTINUITY PLANNING Developing a Readiness Strategy that Mitigates Risk and is Actionable and Easy to Implement.
Program Overview and 2015 Outlook Finance & Administration Committee Meeting February 10, 2015 Sheri Le, Manager of Cybersecurity RTD.
National Emergency Communications Plan Update National Association of Regulatory Utility Commissioners Winter Committee Meeting February 16, 2015 Ron Hewitt.
Business Continuity Planning 101
March 23, 2015 Missouri Public Service Commission | Jefferson City, MO.
April 19 th, 2016 Governors Homeland Security and All-Hazards Cyber Security Sub-Committee.
7th ASEAN COMPETITION CONFERENCE 8-9 March 2017, Malaysia “ASEAN’s Young Competition Agencies – The Tough Get Going” Dato’ Ahmad Hisham Kamaruddin Member.
BruinTech Vendor Meet & Greet December 3, 2015
Information Security Program
Hot Topics in the Financial Industry: Cybersecurity
Data Security and Privacy Overview: NJDOE’s Approach to Cybersecurity
Iowa Communications Alliance
Economic Regulation of Irish Water
Compliance with hardening standards
IFTA, INC. STRATEGIC PLAN
Designing, Building and Managing a Cyber Security Program Based on the NIST Cybersecurity Framework (NIST CSF) A Business Case.
The Role of Departments in the Implementation of the Government Agenda Concepts and Realities FMI Professional Development Day - June 7, 2016.
USA Final Project Report
NIST Cybersecurity Framework
ATD session 2: compliancy versus mission assurance
CISM Dumps PDF Latest Certified Information Security Manager CISM dumpsCISM dumps pdfCISM braindumpsCISM exam dumps.
Updated Isaca CISM Exam Questions | Dumps4download.us
8 Building Blocks of National Cyber Strategies
Conducting business the right way
Understanding Existing Standards:
NJOHSP Partnerships and Resources
#IASACFO.
Integration of Variable Generation Task Force (IVGTF) & Emerging Issues Mark Lauby Manager, Reliability Assessments
PGE Chris Nolke, Director of Cybersecurity
Blue Ridge Power Agency
NERC Cyber Security Standard
Strategic Boards Toolkit
Cyber Security Culture
Neil Kirton and Zoë Newman
Measuring What Matters
Panelists ASIS International – Dr. Marc Siegel, Security Management System Consultant, ASIS International Disaster Recovery Institute International (DRII)
Cyber Security in a Risk Management Framework
CYBER SECURITY SPACE OPERATIONS AND RESILIENCY.
Presentation transcript:

Cybersecurity: The State Regulators’ Perspective Lynn P. Costantini, D. Sc., CISSP Manager, Cybersecurity Compliance and Oversight New Jersey Board of Public Utilities March 21, 2018

Today’s Topics The Evolving Role of State Utility Regulators Opportunities and Challenges New Jersey’s Experience

The Evolving Role of State Utility Regulators Rapidly evolving cyber threats Mix of regulatory approaches Some critical assets not covered States’ regulatory role Ensure safe and reliable service at prudent and just rates; Determine appropriateness of utilities’ cybersecurity policies and practices

Challenge: Determine how much cybersecurity is enough Technical knowledge and experience Resource constraints Compliance vs. risk reduction Opportunity: Promote discourse, information sharing, and partnership among all stakeholders

Progress? Utility Engagement? Issued Orders? Yes No Source: NARUC Critical Infrastructure Committee, February 2017

Exercises Has your state conducted an exercise based on a cyber security scenario? Yes No Source: NARUC Critical Infrastructure Committee, February 2017

Cyber Information Sharing Between utilities and state regulators Between state agencies Between state regulators and federal partners Source: NARUC Critical Infrastructure Committee, February 2017

Security Clearances Yes No Does anyone on your commission have a security clearance? Source: NARUC Critical Infrastructure Committee, February 2017

Progress!

The New Jersey Experience 2004 Docket A004070733 - Comply with best security practices, including those for cybersecurity. 2011 Docket EO11090575 – Report cybersecurity incidents involving industrial control systems 2016 Docket A016030196 - Comply with specific cybersecurity requirements

Cybersecurity Requirements Scope: Industrial control systems (SCADA/PLC/RTU) Customer-facing systems that contain “PII” Cyber Security Program Requirements Cyber Risk Management Identify Monitor Situational Awareness Incident Reporting Response and Recovery Security Awareness and Training Analyze Control

Compliance and Oversight Utilities self-certify compliance annually. First certification date was October 31, 2017. BPU staff and NJCCIC are developing a program to monitor utilities‘ compliance to the Cyber Order and their adherence to best utility practices. BPU staff will periodically review the requirements set forth in the Cyber Order to determine whether additional requirements or program refinements are needed.

Collaboration is a Priority State Partners Attorney General OHSP NJCCIC OIT State Police/OEM Federal partners DOE DHS FBI In addition to collaboration with utilities, BPU engages in interagency collaboration as a necessity to achieve resilience, particularly in cyber space

Thank You! lynn.costantini@bpu.nj.gov

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.