As part of its Aggregation Plan, as described in COMAR 20.63.11.02, the CCA shall submit to the Commission a proposed cybersecurity plan, including:
- A. Cybersecurity-related governance, risk management, procurement practices, personnel hiring, training policies, situational awareness, response, recovery, and transparent reporting of cybersecurity incidents to State and federal entities;
- B. How the CCA will inform the Commission of a cybersecurity breach; and
- C. An explanation of the application of the county’s cybersecurity plan, policies, procedures, and support to the CCA, if applicable.
Authority: Public Utilities Article, §§1–101(b), (f), and (k), 7–306(f)(5) and (h), 7–306.2(d)(3), 7–507(a), 7–510(f) and 7–510.3, Annotated Code of Maryland
Effective date: February 5, 2024 (51:2 Md. R. 76)