Ampyx Cyber Blog

The Intersection of Regulation & Resilience

Cyber on Tap, Part Two: New York's Water Cybersecurity Regulation Is Now in Force
Policy Pulse Patrick Miller Policy Pulse Patrick Miller

Cyber on Tap, Part Two: New York's Water Cybersecurity Regulation Is Now in Force

New York's Appendix 5-E cybersecurity regulation for public water systems took effect March 11, 2026, making it the first mandatory, enforceable water cybersecurity framework in the country. This post covers who is in scope, what is required, when it is due, and what resources are available to help. It also examines what New York's action means in the context of a federal policy environment that is actively stepping back from sector-specific cybersecurity regulation.

Read More
Interconnection Gets Teeth: Virginia Puts Cyber into the Rulebook
Policy Pulse Patrick Miller Policy Pulse Patrick Miller

Interconnection Gets Teeth: Virginia Puts Cyber into the Rulebook

Virginia moves cyber into DER interconnection. State Corporation Commission (SCC) Staff proposes adopting IEEE 1547.3-2023 and the NARUC/DOE Baselines, requiring utilities to publish minimum cybersecurity standards, audit & report annually, and align Technical Interconnection (TIIR) settings for secure comms/ports. Bottom line: meeting utility cyber controls becomes a condition of interconnection.

Read More