On September 12, 2014, the Department issued a Federal Register Notice announcing the availability of the Energy Sector Cybersecurity Framework Implementation Guidance for public comment. Comments must be received on or before October 14, 2014.

Comments to be submitted electronically must be submitted to the email address Cyber.Framework@hq.doe.gov using the submission form available below. Written comments may be submitted to Akhlesh Kaushiva, Program Manager, Office of Electricity Delivery and Energy Reliability, U. S. Department of Energy, 1000 Independence Avenue, SW, Washington, D.C. 20585.

In February 2014, the National Institute of Standards and Technology (NIST) released a Cybersecurity Framework. DOE has collaborated with private sector stakeholders through the Electricity Subsector Coordinating Council (ESCC) and the Oil & Natural Gas Subsector Coordinating Council (ONG SCC) forums for the development of the draft Guidance. The DOE has also been coordinating with other Sector Specific Agency representatives and interested government stakeholders for the development of the draft Guidance and to address cross-sector overlaps. The primary goal of the document is to help energy sector stakeholders develop or align existing cybersecurity risk management programs to meet the objectives of the Cybersecurity Framework. The document will also help energy sector organizations effectively demonstrate and communicate their cybersecurity risk management approach and use of the Framework to both internal and external stakeholders. 

The draft Energy Sector Cybersecurity Framework Implementation Guidance and comment submission form are available below.