Beam Reach Consulting Group worked with leaders in the public power sector to develop and publish the Public Power Joint Action Agency Cybersecurity Services Plan (Cybersecurity Services Plan) this past December.
The Cybersecurity Services Plan includes the Public Power Cybersecurity Enhancement Framework (Framework) which serves as a guide to organizations that wish to provide useful cybersecurity services to public power utilities. The Framework allocates cyber resources among the American Public Power Association, joint actions agencies (JAAs) and super JAAs. With assistance from these three entities, utilities can successfully implement cybersecurity practices.
Beam Reach Consulting Group worked with the Joint Action Agency Advisory Council for Cybersecurity (JAC-C) to develop the Cybersecurity Services Plan. Brian Sharman facilitated a series of discussions and workshops with the JAC-C to focus on the key security needs of public power utilities and to develop a set of services best suited to meet these needs. "The process to develop and publish the Joint Action Agency Cybersecurity Services Plan typifies our best aspirations at Beam Reach Consulting Group,” said Sharman. “We are very proud of our efforts to collaborate with the customer and stakeholders to develop a product that so many parties invested in to meet the needs of the public power industry."
Members of the Beam Reach Consulting Group team, including Helana Zagami, Gareth Williams, Doug Landoll, and Chris Kelley, assisted with research and development of the report. American Public Power Association released the Cybersecurity Services Plan during their 2020 Joint Action Conference held in Indian Wells, California in January, where Chris Kelley spoke on a panel with joint action agencies to discuss cybersecurity services. See the Joint Action Conference presentations at https://www.publicpower.org/joint-action-conference-presentations.
Beam Reach Consulting Group partnered with industry experts to create the Public Power Cybersecurity Roadmap (Roadmap), designed to help public power utilities develop and maintain a higher state of security. The American Public Power Association distributed the Roadmap last year to utilities nationwide.
The Cybersecurity Roadmap Advisory Council (Council) contributed their knowledge and expertise to the Roadmap through various workshops and conference calls. Facilitators and members of the Council included Beam Reach Consulting Group's Chris Kelley and Doug Landoll. “Working with talented and experienced colleagues from across the public power community has been an incredible experience,” said Kelley. “The discussions we’ve had and insights gained by the group have made the Roadmap a useful guide for public power utilities across the country.”
Beam Reach Consulting Group used insights from the Council to develop the Roadmap on behalf of the American Public Power Association. The Roadmap divides cybersecurity implementation into four key stages: Evaluate, Formulate, Activate, and Integrate. These simple-to-follow stages, along with clear graphics, help to make the complex topic of cybersecurity improvement more manageable for public power utilities.
The Roadmap is part of a suite of tools available to public power utilities from the American Public Power Association. Other resources include the Public Power Cybersecurity Scorecard and Public Power Incident Response Playbook. Together these tools provide insights tailored to the public power community which help guide small and medium-sized utilities with their security programs.
The American Public Power Association distributed the Roadmap at the Public Power National Cybersecurity Summit held in Nashville, Tennessee in November 2019. The document can be downloaded on the American Public Power Association’s website at https://www.publicpower.org/resource/cybersecurity-roadmap.
