The Illinois Commerce Commission has announced the establishment of a new Office of Cybersecurity and Risk Management, with Dominic Saebeler serving as director. The initiative complements Governor Bruce Rauner’s commitment to building a more cyber secure Illinois. Through the development of policy, strategy and best practice sharing, the Office of Cybersecurity and Risk Management is charged with prioritizing and supporting the ongoing efforts of regulated Illinois utilities to protect critical infrastructure from cybersecurity risk and unauthorized access to system and electronic data.
While cybersecurity has not traditionally been addressed by state public utility regulators, a December 2015 Ukrainian cyber-attack, which left more than 225,000 customers powerless for six hours, and other recent indications of cyber espionage targeting the United States has made it necessary for regulators to discern how to best protect the services, data and information valuable to customers and companies in the electricity, gas, water and telecommunications industries. “The growing sophistication of utility-based cybersecurity preparation and ongoing efforts to drive comprehensive situational awareness makes the ICC uniquely positioned to partner with stakeholders and encourage further collaboration,” said ICC Chairman Brien J. Sheahan. “The establishment of the Office of Cybersecurity and Risk Management allows us to do so on a consistent basis and maintain the most proactive infrastructure possible within Illinois.”
“The Commission takes seriously its mission to ensure the provision of adequate, safe and reliable public utility services,” said ICC Executive Director Cholly Smith. “Dominic’s legal background and expertise in IT policy make him well equipped for the role and the creation of this office cements our commitment to making sure Illinois is doing everything it can to defend against the potential disruption that cyber intrusions can cause to vital utility services.”
Saebeler is an Illinois attorney whose career has spanned policy, technology and law. In addition to various positions for the State of Illinois, including CIO and General Counsel, he has worked in private sector roles as an attorney and consultant, including seven years at Ameritech (now part of AT&T). Most recently, Saebeler served as the Chief of Information Technology Policy at the Illinois Department of Innovation and Technology (DoIT), a state agency responsible for the information technology functions of agencies under the jurisdiction of the Governor.
“Cybersecurity represents a complex journey that government, businesses and citizens are travelling together with a mutual responsibility,” Saebeler said. “We need to take appropriate steps that minimize risks where possible, avoid hesitancy and inaction, drive productive information sharing and make prudent decisions related to the accelerated use and implementation of emerging technologies, such as cloud computing and intelligent devices, that are a key part of the Internet of Things (IoT).”
The ICC will continue to promote best practices such as those made available through the National Association of Regulatory Utility Commissioners (NARUC). Click here to view NARUC’s recently released third edition of Cybersecurity for State Regulators.