DOE kicks off cybersecurity plan, seeks stakeholder input

“The United States faces a well-documented and increasing cyber threat from malicious actors seeking to disrupt the electricity Americans rely on to power our homes and businesses,” said Secretary of Energy Jennifer Granholm. “It’s up to both government and industry to prevent possible harms—that’s why we’re working together to take these decisive measures, so Americans can rely on a resilient, secure, and clean energy system.”

Details: According to the DOE, “Over the next 100 days, DOE’s Office of Cybersecurity, Energy Security, and Emergency Response—in partnership with electric utilities—will continue to advance technologies and systems that will provide cyber visibility, detection, and response capabilities for industrial control systems of electric utilities.”

The DOE said that in addition to modernizing cybersecurity defenses, the initiative will do the following:

• Encourage owners and operators to implement measures or technology that enhance their detection, mitigation, and forensic capabilities.
• Include concrete milestones for owners and operators to identify and deploy technologies and systems that enable near real-time situational awareness and response capabilities in critical ICS and operational technology networks.
• Reinforce and enhance the cybersecurity posture of critical infrastructure information technology networks.
• Include a voluntary industry effort to deploy technologies to increase visibility of threats in ICS and operational technology networks.

Comments requested: The launch of the initiative coincides with a DOE request for information (RFI) seeking input, by June 7, from electric utilities, energy companies, academia, research laboratories, government agencies, and other stakeholders to inform future recommendations for supply chain security in U.S. energy systems. A notice on the RFI was published in the April 22 Federal Register.