A cybersecurity program is an integrated group of activities designed and managed to meet cybersecurity objectives for the organization and/or the function
Cybersecurity risk is one component of the overall business risk environment and cannot be completely eliminated. However, it can be managed through informed decision-making processes.
An asset is something of value to an organization. It is critical to manage the organization’s IT & OT assets, including both hardware and software assets, as well as information essential to operating the function
Situational Awareness involves developing near real time knowledge of a dynamic operating environment. Rapid shifts among predetermined emergency operations can enable faster and more effective response to cybersecurity threats
Create and manage identities for entities that may be granted logical or physical access to the organization’s assets
Any security incident could significantly affect critical infrastructure and organizational assets and services and require an effective response to limit adverse impacts.
As the interdependencies among infrastructures, operating partners, suppliers, service providers and customers increase, establishing and maintain a comprehensive understanding of key relationships and managing the associated risks is essential.
Establish and maintain plans, procedures and technologies to detect, identify, analyse, manage and respond to cyber security threats and vulnerabilities
The purpose of information sharing is to strengthen cybersecurity by establishing and maintaining a framework for interaction among utilities, as well as with the government
As utilities increasingly adopt advanced digital technology, workforce issues become a crucial aspect of successfully addressing cybersecurity and risk management
© 2018 - Wed Sep 18 18:00:55 UTC 2019 PwC. All rights reserved. PwC refers to the PwC network and/or one or more of its member firms, each of which is a separate legal entity. Please see www.pwc.com/structure for further details.