Public power districts and electric cooperatives recognize the evolving cyber threat landscape that poses disruptions to Nebraska’s electric grid. As responsible providers of power to our consumer-members, rural electric utilities are taking proactive measures to secure the grid.  
    Cyber threats, ranging from phishing to compromised passwords, have the potential to disrupt power reliability. That’s why rural electric utilities are working to stay one step ahead by continually assessing vulnerabilities, monitoring emerging threats and implementing cybersecurity defense measures. By securing the grid against cyber threats, rural electric utilities ensure a more reliable power supply, reducing the risk of disruptions.  
    Public power districts and electric co-ops are implementing multiple cybersecurity strategies to utilize a defense-in-depth approach, emphasizing concern for our local communities and the importance of reliability for the consumers they serve.
    For Custer Public Power District General Manager Rick Nelson, reliability means repairing wear-and-tear, upgrading its equipment to withstand storms and severe weather, and using technology and best practices to keep its system secure from cybersecurity issues.  
    “Custer Public Power District has added software with internal alarms that warn us of failed attempts or compromised equipment,” he said. “We also work together with electric co-ops and public power districts across the country to develop new technologies and infrastructure, learn from each other and keep the grid’s network secure. For example, we belong to E-ISAC,  it serves as the central information hub for members and partner organizations.  It provides quality analysis and rapid sharing of security information on how to mitigate complex, constantly evolving threats to the grid and infrastructure.  Our employees’ network with other public power districts and organizations in the Nebraska Rural Electric Association to share best practices.”
    Rural electric utilities are deploying advanced monitoring and protection systems that continuously analyze network traffic, detect suspicious activity and alert security personnel to potential problems. Additionally, they regularly practice security audits to identify vulnerabilities, assess risks and implement necessary updates and patches to safeguard critical infrastructure.
    One thing Cuming County Public Power District tries to do is be very proactive in its approach to training and education.
    “The threat landscape is constantly shifting, and we like to let our employees know what to be on the watch for, said Monte Draper, technology supervisor at Cuming County PPD. “Also, as a small company we recognize we can't be the experts at everything. We're capable of a lot, but we're not afraid to ask for help from people smarter than we are. We regularly leverage outside knowledge and experience to keep our systems secure and our customer's information safe.”
    Recognizing that cybersecurity is a team effort, rural electric utilities regularly engage with other utilities, industry organizations, government agencies and cybersecurity experts to share best practices, develop lessons learned and stay up to date on the latest threats. This kind of collaboration enables us to develop robust cybersecurity measures. Public power districts and electric co-ops also participate in mutual aid efforts focused on cybersecurity events, such as the Cyber Mutual Assistance Program. By working together, they are stronger and better prepared.
    Public power districts and electric co-ops also understand the importance of educating all employees on the latest cybersecurity issues, which is why they provide regular trainings to inform utility staff on best practices and the significance of adhering to security protocols.
    “Employee training programs foster awareness of potential threats and safe online practices,” said Clay Gibbs, general manager of Cornhusker Public Power District. “By cultivating an internal culture of cybersecurity awareness, we are improving cyber knowledge and skills for all employees.”
    In addition to internal measures, rural electric utilities are establishing dedicated cybersecurity points of contact so that consumers can easily identify individuals to discuss any cyber-related concerns.
    Dawson Public Power District uses a lot of the standard cybersecurity tools that one would expect to see in a business environment.  
    “MFA, XDR, SOAR, DNS filtering, and immutable offline backups are key parts of our defense,” said Gwen Kautz, general manager of Dawson PPD.  “Email filtering and employee education on phishing/smishing is a must.  We are also focused on increasing network segmentation along with an aggressive stance on patch management.”
    Rural electric utility consumers are regularly targeted by energy scammers, whether through false claims or messages sent as emails, or phone scams from people falsely claiming to represent the utility. By identifying and reporting these incidents, you can help play an important role in keeping our community safe from cyber threats and scams.  
    Public power districts and electric co-ops remain committed to providing reliable power to the consumers they serve. The top priority is to keep your information secure and your lights on.
    Nebraska’s rural electric utilities will continue working hard to strengthen the grid, keep data safe and ensure the long-term well-being of local communities. In the face of increasing cyber threats, these proactive measures provide a foundation for a robust and secure electric grid.