PUC Advances Proposed Cybersecurity Regulations For Pennsylvania Utilities
Proposal Would Strengthen Cybersecurity Standards, Incident Reporting, and Utility Preparedness Across Regulated Industries
HARRISBURG – The Pennsylvania Public Utility Commission (PUC) today voted 5-0 to approve a Notice of Proposed Rulemaking (NOPR) that would strengthen cybersecurity requirements for regulated utilities, continuing the Commission’s efforts to help protect critical utility infrastructure and maintain safe, reliable service for Pennsylvania consumers.
The proposed regulations would modernize and expand the Commission’s existing cybersecurity framework, establishing updated standards for utility cybersecurity programs, enhancing cybersecurity incident reporting requirements, and requiring annual certifications of compliance by jurisdictional utilities.
“Cybersecurity is a fundamental part of both utility reliability and public safety,” said PUC Chairman Steve DeFrank. “As utilities increasingly rely on interconnected technologies to provide essential services, it is important that our regulatory framework continues to evolve alongside emerging threats. This proposal reflects a thoughtful, comprehensive approach that seeks to strengthen utility preparedness while pr…