Issues & Policy
Key Facts
Electricity Subsector Coordinating Council (ESCC)
The Electricity Subsector Coordinating Council (ESCC) serves as the principal liaison between leadership in the federal government and in the electric power sector, with the mission of coordinating efforts to prepare for national-level incidents or threats to critical infrastructure.
Protecting the energy grid from threats that could impact national security and public safety is a responsibility shared by both the government and the electric power sector. The ESCC facilitates and supports policy- and public affairs-related activities and initiatives designed to enhance the reliability and resilience of the energy grid. These activities include all hazards, steady-state preparation, and emergency preparedness, response, and recovery for the nation’s electricity sector.
ESCC Web site(Open external link)(Open external link)(Open external link)
ESCC Brochure(Open external link)(Open external link)(Open external link)
ESCC Ransomware Preparedness(Open external link)(Open external link)(Open external link)
Cyber Mutual Assistance Program(Open external link)(Open external link)(Open external link)
ESCC Community
The ESCC Community is a private meeting space that provides members of the ESCC with a shared calendar, files and discussion forums. At this time, the Community is for Senior Executive Working Group (SEWG) industry members only in order to address concerns about sharing documents with our government partners. If you are interested in learning how to join the Community, please contact Hailey Siple at hsiple@eei.org
Access the Community(Open external link)(Open external link)(Open external link)

Model Procurement Contract Language Addressing Cybersecurity Supply Chain Risk
To facilitate managing cybersecurity supply chain risks, a committee of representatives of EEI member companies developed this Model to align cybersecurity requirements and to encourage adoption by the vendor community. Recognizing the importance of procurement in managing supply chain risk, the member companies who developed the Model focused on the processes required by the NERC supply chain risk management reliability standard—CIP-013-1 Requirement 1, Part 1.2—but also included language that goes beyond this requirement with the goal of improving cybersecurity. The model is a starting point for negotiations with vendors and service providers—it should not be considered a best practice or requirement, has not yet been tested by vendors and service providers, and can be adopted/adjusted as appropriate. Version 2.0 includes revisions to reflect evolving industry practices, including changes which broaden references to specific industry standards, adjust notification timeframes and other time-specified requirements, and modify language where appropriate to support use with value-added resellers. Additional updates were made to clarify existing concepts.
Model Procurement Contract Language Addressing Cybersecurity Supply Chain Risk

Security Matters
Security Matters is a recurring article series in EEI’s Electric Perspectives(Open external link) magazine.