In January 2022, the BCUC surveyed regulated entities to determine their cybersecurity preparedness. The results indicated that entities varied significantly in their ability to address cybersecurity risks.
The BCUC proposed a Cybersecurity Framework to address cybersecurity risk and an annual cybersecurity declaration for public utilities. The Cybersecurity Framework is based on the National Institute of Standards and Technology (NIST) Cybersecurity Framework Version 1.1, is flexible and scalable based on the size and risk of the public utility, and makes use of existing industry guidance.
After an open and transparent comment process, the BCUC established a two-year pilot for the Cybersecurity Framework, effective January 1, 2024. Public utilities are required to adopt the BCUC's Cybersecurity Framework by implementing a new cybersecurity program or aligning their current program.
The BCUC has also created a BC Cybersecurity Framework Resources page for implementation guidance, information on webinars and other resources related to the Cybersecurity Framework pilot.
The timeline below details the BCUC’s projected milestones over the two-year pilot.
Learn more about the two-year pilot for the Cybersecurity Framework in our short video.
NIST has several resources to help regulated public utilities in BC develop or update their cybersecurity programs.
Please see the Additional Resources section on the Cybersecurity Protection page for further information on cybersecurity, including links to agencies and industry groups, threat information and alter sources, and cybersecurity standards and guidelines.