This paper provides a far-reaching survey over several aspects of US power grid cybersecurity, including the different types of technical threats that may compromise the system (vulnerabilities in the Industrial Control System or ICS, Internet of Things devices, supply chain risks, hackers exploiting artificial intelligence, etc.), recent policy updates regarding grid security, and proposals for how to improve the cybersecurity of the grid. Written by the Congressional Research Service, the aim of the document is to provide both the context and depth needed for the federal government to make policy decisions regarding this critical area of national security. Notably, it includes a section surveying recent legislation related to cybersecurity policy. These include the Grid Cybersecurity Research and Development Act (October 2017), the Cyber Sense Act of 2018 (March 2018), and the Enhancing Grid Security through Public-Private Partnerships Act (March 2018). The document lists a number of recent attacks against Industrial Control Systems (ICS) in the United States by foreign actors, which, though not particularly severe, are worrying in that they are part of a trend of increasing cyberattacks in recent years. These cyberattack instances include (1) intrusions on SCADA (Supervisory Control and Data Acquisition) systems of the Bowman Dam in Rye, New York by Iran’s Islamic Revolutionary Guard Corps-affiliated hackers; (2) reconnaissance intrusions believed to have been conducted by hackers from North Korea in October 2017; and (3) malware spread by Russian government hackers that collected intelligence about US manufacturing and infrastructure companies in March 2018. The diversity of these attacks and the actors involved convey the severity of the threat faced by the United States, indicating the dire need for governmental policy overhaul in this area.