Hydropower Cybersecurity Value-at-Risk Framework
The Cybersecurity Value-at-Risk Framework (CVF) introduces a novel approach that identifies cybersecurity risks directly impacting hydropower operations and generates risk valuation guidance to inform investment decisions. The CVF provides facility owners and operators with risk management controls and produces next steps to mitigate identified risks, including scores that stakeholders can use to prioritize future cybersecurity investments. The CVF online tool guides users through a detailed analysis of plant cybersecurity control practices. Users answer a series of questions, and their responses are compared against multidimensional criteria for the risk of environmental, operational, and economic impacts. The CVF is an industry-accessible tool for user-friendly, risk-based cybersecurity valuation assessments.