Public Utility Commission Commissioner Pamela A. Witmer Thursday recognized National Critical Infrastructure Security and Resilience Month, emphasizing the PUC’s role in helping to protect the state’s physical and digital infrastructure.
“Critical infrastructure plays an integral role in our daily lives. Water, electricity, natural gas, transportation and communications – are all interconnected and our livelihood depends on all of these,” said Commissioner Witmer at today’s PUC Public Meeting. “It’s crucial that we work together to not only protect our infrastructure, but to position ourselves for swift recovery in the event of an emergency. We urge all utilities to review their all-hazards – including cyber and physical – security plans, exercise those plans and continue to keep Pennsylvanians working, safe and connected.”
President Barack Obama proclaimed November 2015 National Critical Infrastructure Security and Resilience Month.
"The recent terror attacks in Paris highlight how important it is for the state to continue to work with our federal, local and private sector partners on our efforts to improve the security of our critical infrastructure," said Pennsylvania Office of Homeland Security Director Marcus Brown.
The PUC works continuously with federal, state and local government agencies on cybersecurity efforts, collaborating to ensure that critical infrastructure is protected from cyber-attacks, in addition to sensitive business and consumer information.
On October 1, Commissioner Witmer announced the release of the PUC’s second edition of its Cybersecurity Best Practices for Small and Medium Pennsylvania Utilities.The updated guide outlines for utilities ways to prevent identity or property theft; how to manage vendors and contractors who may have access to a company’s data; what to know about anti-virus software, firewalls and network infrastructure; how to protect physical assets, such as a computer in a remote location or a misplaced employee device; how to respond to a cyber-attack and preserve forensic information after the fact; how to report incidents; the potential benefits of engaging a law firm in advance of a breach; and a list of federal cyber incident resources.