SRAC secured the services of a vendor to provide ten SRPEDD municipalities with support developing a cybersecurity Incident Response Plan. Using the NIST Cybersecurity Framework 2.0, the vendor will work through municipally-identified risks, help prioritize mitigation strategies, and develop timelines for next steps. The vendor will hold a pair of IRP workshops, to further develop the municipalities IRPs.

In tandem with the IRP development, the vendor will be working with regional Municipal Light Plants to identify risks, and develop prioritized mitigation and remediation strategies. Our MLPs are uniquely positioned to take advantage of this opportunity, they don’t have the personnel like the major power companies do to protect against cyber threats, but they are still critical infrastructure that needs protecting. The vendor will host two workshops and Q&A sessions with MLP personnel in order to aggregate security posture across operators, and identify at-large opportunities to reduce overall risk to the MLPs.