Issues & Policy
Electricity Subsector Coordinating Council (ESCC)
The Electricity Subsector Coordinating Council (ESCC) serves as the principal liaison between leadership in the federal government and in the electric power sector, with the mission of coordinating efforts to prepare for national-level incidents or threats to critical infrastructure.
Protecting the energy grid from threats that could impact national security and public safety is a responsibility shared by both the government and the electric power sector. The ESCC facilitates and supports policy- and public affairs-related activities and initiatives designed to enhance the reliability and resilience of the energy grid. These activities include all hazards, steady-state preparation, and emergency preparedness, response, and recovery for the nation’s electricity sector.
ESCC Web site(Open external link)(Open external link)(Open external link)
ESCC Brochure(Open external link)(Open external link)(Open external link)
ESCC Ransomware Preparedness(Open external link)(Open external link)(Open external link)
Cyber Mutual Assistance Program
The ESCC Community is a private meeting space that provides members of the ESCC with a shared calendar, files and discussion forums. At this time, the Community is for Senior Executive Working Group (SEWG) industry members only in order to address concerns about sharing documents with our government partners. If you are interested in learning how to join the Community, please contact Hailey Siple at firstname.lastname@example.org
Access the Community(Open external link)(Open external link)(Open external link)
Model Procurement Contract Language Addressing Cybersecurity Supply Chain Risk
To facilitate managing cybersecurity supply chain risks, a committee of representatives of EEI member companies developed this model to align cybersecurity requirements and to encourage adoption by the vendor community. Recognizing the importance of procurement in managing supply chain risk, the member companies who developed the model focused on the processes required by the NERC supply chain risk management reliability standard—CIP-013-1—and they also included language that goes beyond this requirement with the goal of improving cybersecurity. The model is a starting point for negotiations with vendors and service providers—it should not be considered a best practice or requirement, and it can be adopted/adjusted as appropriate. Version 3.0 released in October 2022 reflects evolving industry best practices, including refinement of industry standards, it adjusts notification timeframes and other time-specified requirements, and it modifies language where appropriate.
Security Matters is a recurring article series in EEI’s Electric Perspectives(Open external link) magazine.