The availability of spectrum for utility communications networks, heightened consumer protection and privacy concerns, cloud computing and its application to the smart grid, supply chain security – these are just some of the policy and regulatory issues that could have a significant impact on utilities as they integrate millions of data points for more efficient control of the modernized grid. Attention has been focused on compliance with NERC-CIP mandates and passing audits, but what is their place in the broader security picture? Will other policy developments change the landscape of grid security?