Cybersecurity Risk Management Process – A Case Study

  • Case study about a fictional utility’s cybersecurity risk management process
  • Implementation of DOE’s Electricity Sector Cybersecurity Risk Management Program guidance
  • Potential steps needed for risk assessment, risk response, and risk monitoring

Developing a risk management process for cybersecurity

Cybersecurity is a perennial concern for utilities, which are responsible for some of the nation’s most critical infrastructure. This document aims to assist electric utilities in their consideration and development of cybersecurity risk management practices and to illustrate possible implementation of the U.S. Department of Energy’s Electricity Sector Cybersecurity Risk Management Program (RMP) guidance.

The paper presents the case of a fictitious municipal utility (Papaya Electric) that decides to develop a risk management program to address cybersecurity. The fictional scenario covers automation functions and operational variables and constraints common to many utilities. The study illustrates how real-world organizations may require a number of adjustments to risk management and operations methodologies to accommodate utility business constraints and priorities.

What’s in the report

  • Overview of the fictitious municipal utility, key actors, and events triggering the pursuit of a cybersecurity risk management process
  • Framing and steps for risk assessment, risk response, and risk monitoring for the executive, business operations, and systems and application levels
  • Key lessons learned about the RMP
