The U.S. power grid underpins national security, public safety, and economic stability, but faces growing cyber risks from vulnerabilities in industrial control systems, remote access, and poor cyber hygiene. Despite its critical importance, current policy remains fragmented and reactive. This paper proposes a dual policy approach to strengthen grid cybersecurity: enhanced information sharing between government and private utilities to improve threat detection and response, and standardized cyber hygiene practices to reduce common attack vectors. For long-term resilience, a Unified National Cybersecurity Framework is recommended to align existing NERC, IEC, IEEE, and NIST standards, eliminate regulatory overlap, and adapt to evolving threats. Together, these policies offer both immediate and sustainable improvements in safeguarding the nation's most vital infrastructure.

翻译：美国电网是国家安全、公共安全和经济稳定的基石，但面临日益增长的网络安全风险，这些风险源于工业控制系统漏洞、远程访问机制以及薄弱的网络卫生实践。尽管电网至关重要，现行政策仍呈现碎片化且被动应对的特点。本文提出一种双重政策路径以加强电网网络安全：通过加强政府与私营电力公司之间的信息共享以提升威胁检测与响应能力，并推行标准化的网络卫生实践以减少常见攻击途径。为实现长期韧性，建议构建统一的国家网络安全框架，以协调现有NERC、IEC、IEEE和NIST标准，消除监管重叠，并适应不断演变的威胁。这些政策共同为保护国家最关键的基础设施提供了即时且可持续的改进方案。