Ampyx Cyber Blog

The Intersection of Regulation & Resilience

Funded, Not Secured: The April 20 DPA Determinations & the Bulk Electric System
Policy Pulse Patrick Miller Policy Pulse Patrick Miller

Funded, Not Secured: The April 20 DPA Determinations & the Bulk Electric System

Two April 20 Defense Production Act determinations expand domestic capacity for grid components and large-scale energy infrastructure. Neither addresses cybersecurity. For the electric sector, NERC CIP and Order 693 standards still apply. A practitioner's view of intersections with CIP-013, CIP-014, PRC, FAC, and TPL, and why domestic capacity is not domestic assurance.

Read More
National Cyber Strategy: What It Means for Critical Infrastructure
Policy Pulse Patrick Miller Policy Pulse Patrick Miller

National Cyber Strategy: What It Means for Critical Infrastructure

The Trump administration released its long-awaited National Cyber Strategy. Six pages, six pillars, and a clear signal that federal cyber policy is shifting toward offensive posture and regulatory streamlining. For critical infrastructure operators, the document raises more questions than it answers. Here is what it says, what it doesn't, and what you should do about it.

Read More