Currently, the number of cybersecurity incidents in the electricity sector has increased and there have been significant attacks on Colombian utilities. Therefore, it is of great relevance to identify and implement cybersecurity models that help utilities establish the state of maturity in which they are to define actions and use tools in identifying, evaluating, and mitigating cyber incidents to strengthen the cyber resilience of the power system. This article proposes a methodology to assess the state of cybersecurity in the electricity sector based on the cybersecurity practices implemented and their maturity in the utilities. 14 methods were analyzed, and the methodology proposed was built based on the international benchmarks of the NIST and NARUC entities. The methodology was implemented for the Colombian case and 23 utilities with power plants, substations, FACTS, control centers, international connections, and transmission lines were evaluated. The 2022 assessment results show that most utilities have the levels of identify, protect, detect, respond, and recover, partially implemented. At the maturity level, the identify function must be improved in the supply chain management category. In the protect function, improvements must be made in the data security category and in the information protection processes and procedures. In the detect function, it should be improved in the category of events and anomalies. In turn, in the response function, it is necessary to improve the response communication category and in the recover function it is necessary to improve the maturity indices of all categories. It is recommended to empower cybersecurity management at all hierarchical levels to strengthen learning, orchestration, and sectoral collaboration.
