Cybersecurity
The PUC’s Cyber Team, created in 2012, is comprised of staff from the Office of the Executive Director, the Bureau of Audits, the Office of Management Information Systems, the Bureau of Technical Utility Services, the Law Bureau and the Office of Communications. The team meets bi-weekly or as necessary and provides recommendations to Commissioners for cybersecurity-related initiatives such as training, communications, etc.
Advisory
Iranian Cyber Threats to U.S. Critical Infrastructure - Dated October 20, 2023. The PUC issued a Cybersecurity Advisory to public utilities in Pennsylvania reminding utilities to remain vigilant for cybersecurity threats that could impact critical infrastructure.
Cybersecurity Threats on Critical Infrastructure - Dated February 25, 2022. The PUC issued a Cybersecurity Advisory to public utilities in Pennsylvania reminding utilities to remain vigilant for cybersecurity threats that could impact critical infrastructure.
Ransom Threats Cybersecurity Advisory - Dated May 24, 2021. The PUC has issued a Cybersecurity Advisory to public utilities across Pennsylvania highlighting cybersecurity best practices following a recent cyberattack on the Colonial Pipeline Company – which disrupted fuel supplies along the East Coast.
Public Water Company Cybersecurity Advisory - Dated February 25, 2021. On Feb. 5, 2021, a water treatment plant in Oldsmar, Florida, experienced a cyberattack which was intended to gain control over the Supervisory Control and Data Acquisition (SCADA) systems used to monitor and regulate the amount of sodium hydroxide within the water supply. To make sure that Pennsylvania water companies are aware of the incident the PUC, Office of Cybersecurity Compliance and Oversight has issued a cybersecurity advisory.
Best Practices
Cybersecurity Best Practices for Small & Medium Pennsylvania Utilities - Fifth Edition, June 2022. The guide outlines red flags to look for and ways to prevent identity or property theft; how to manage vendors and contractors who may have access to a company’s data; what to know about anti-virus software and much more.
Gov. Tom Wolf proclaimed October 2016 Cybersecurity Awareness Month in Pennsylvania.
On Oct. 1, 2015, the PUC united state and federal government agencies, utility companies and law enforcement to highlight National Cybersecurity Awareness Month and the collaborative work being done to protect Pennsylvania’s critical infrastructure. Event participants included the PUC, the U.S. Department of Homeland Security, the Pennsylvania Office of Administration, the Pennsylvania Emergency Management Agency, the Pennsylvania State Police, the Pennsylvania Office of Homeland Security, the South Central PA Task Force, UGI Utilities Inc., Pennsylvania American Water, Verizon Pennsylvania and PPL Electric Utilities.
Securing Small & Medium-Sized Business Supply Chains
Cybersecurity and Infrastructure Security Agency (CISA) released a new handbook for small and medium-sized businesses on January 10, 2023, regarding business supply chains.
Securing Small and Medium-Sized Business (SMB) Supply Chains: A Resource Handbook to Reduce Information and Communication Technology Risks Developed by the Information and Communications Technology (ICT) Supply Chain Risk Management (SCRM) Task Force, the handbook provides an overview of the highest supply chain risk categories commonly faced by ICT SMBs, including cyber risks.
It contains several use cases and applicable resources to assist ICT SMBs in identifying the supply chain security practices they can take to enhance their security. The handbook is intended to provide supply chain guidance to SMBs that may have limited finances, share resources on how to enhance the SMB reporting and vetting processes when purchasing ICT, and offer methods and guidance to tackle the most common and highest priority risks faced by SMBs.
Cybersecurity Press Conference Video
Cybersecurity Compliance and Oversight
The Commission's Office of Cybersecurity Compliance and Oversight (PUC-OCCO) has been monitoring the evolving Coronavirus (COVID-19) situation and its impact on cybersecurity. The PUC-OCCO has been taking part in the Department of Homeland Security, Critical Infrastructure Security Agency (DHS-CISA) government and industry coordination calls. These calls issue guidance and information for critical infrastructure partners to prepare for, respond to, and mitigate any effects that a cybersecurity event would have on the utilities regulated by the PUC.
Complaints
Learn how to submit a complaint with a public utility. You can also search existing formal complaints.
Get Details811: PA One Call
Homeowners and contractors must call 8-1-1 before starting any digging or excavation project.
Get DetailsNeed More Help?
If you can't find what you're looking for here, please contact the PA Public Utility Commission. Call us at 1-800-692-7380 or contact us online.
Document Search
Public utility documents available electronically include case dockets, public meeting orders and more.
Filing & Resources
Find utility-related reports, laws and regulations, federal filings, tariffs, procedures and more.
eFILING
Consumers, utilities and attorneys can save time by submitting documents to the PUC electronically.