The Ontario Energy Board recently published a report entitled “Cybersecurity Framework to Protect
Access to Electronic Operating Devices and Business Information Systems within Ontario’s Non-Bulk
Power Assets.” As Ontario’s independent energy regulator, this represents a significant step toward
strengthening the industry focus on cyber security and privacy. The framework defines a process and
provides tools to facilitate continuous improvement in organizations that are subject to OEB regulatory
oversight.
This whitepaper introduces the OEB Cyber Security Framework, describes the basic steps in the process
and assesses its impact on the Local Distribution Companies (LDCs). The benefits of leveraging Securityas-a-Service to meet the compliance requirements in a timely and more cost-efficient manner are also
identified.