More and more Information Technology products are moving to the Cloud – software running in a remote datacenter owned by a qualified organization or entity other than the utility. This approach is increasingly used by suppliers of cybersecurity solutions because it is less expensive for the customer and in many ways, easier for the utility, but the relevant concern here is cybersecurity. For electric utilities, there are many challenges with the Cloud approach. These include loss of direct control of their data (which is transmitted to the remote datacenter) and legal compliance requirements that generally specify tight data control. Remotely hosted solutions – often called Software-as-a-Service (SaaS) – also have potentially negative accounting implications for utilities, an issue that state regulators are examining for possible changes. Finally, utility governance rules must often be changed to ensure the security of data and the integrity of results determined by remote data analysis. For all these reasons, Best Practices for moving to Cloud cybersecurity solutions are presently in flux. As such, utilities and regulators will benefit from an unbiased analysis of vendors and the determination of Best Practices to guide decisions.

Educational Institution Connections:

Protect Our Power is seeking an Educational Institution to develop information within this Topic for use by North American Electric Utilities. Contact Erick Ford at for more information or to recommend an Educational Institution.