Protecting the nation’s energy infrastructure from all hazards, including the cyber threat, is fundamental to the mission of the Office of Electricity Delivery and Energy Reliability. Every day, we work closely with industry, our national laboratories, academia, and federal and state partners to reduce the risk of energy disruptions due to a cyber incident and, if one does occur, mitigate its effects without loss of critical functions.
The Office of Electricity Delivery and Energy Reliability announced up to $27 million in funding for academic collaborations that will develop and transition advanced cybersecurity technologies to the energy sector. With cybersecurity for the energy sector emerging as one of the most serious challenges associated with grid modernization and infrastructure protection, maintaining a robust pipeline of cutting-edge technologies is essential to helping the energy sector continue adapting to the changing cyber landscape.
The Academic Collaboration for Cybersecurity of Energy Delivery Systems (CEDS) Research and Development for the Energy Sector Funding Opportunity Announcement (FOA) will bring together academic institutions with the expertise and vision needed to develop and transition innovative technologies that will help utilities further reduce the risk of a power disruption resulting from a cyber incident.
Over the past week, the Energy Department has unveiled several new measures, including funding, newly-commercialized technology, and practical guidance, that will further strengthen the cybersecurity of the nation’s energy infrastructure. Vice President Biden announced yesterday that the Energy Department will provide a $25 million grant over the next five years to bring together 13 historically black colleges and universities (HBCUs), two national labs, and the Charleston County School District in South Carolina to create a sustainable pipeline of students focused on cybersecurity. Today, our national laboratory in Oak Ridge, Tennessee announced licensing of its Hyperion software, which helps detect software that has been maliciously altered, to a company that plans to make it available to the energy sector later this month. Meanwhile, late last week, the Office of Electricity Delivery and Energy Reliability (OE) released guidance to help the energy sector meet the objectives of the cybersecurity framework released last year by the National Institutes of Standards and Technology in response to Executive Order 13636 “Improving Critical Infrastructure Cybersecurity.”
These important steps are the latest signs of progress being made in protecting the nation’s power grid from cyber threats.
The Energy Department today released guidance to help the energy sector establish or align existing cybersecurity risk management programs to meet the objectives of the Cybersecurity Framework released by the National Institutes of Standards and Technology (NIST) in February 2014. The voluntary Cybersecurity Framework consists of standards, guidelines, and practices to promote the protection of critical infrastructure and was developed in response to Executive Order 13636 “Improving Critical Infrastructure Cybersecurity” through collaboration between industry and government.
Our electric grid is undergoing a major transformation, with $4.5 billion in Recovery Act funds being used to help catalyze the adoption of smart technologies and systems designed to increase the electric grid’s flexibility, reliability, efficiency, affordability, and resiliency. Titilayo Ogunyale talked with Tim Conway, Technical Director at the SANS Institute, which provides information security training and security certification, about how organizations can address the challenges of strengthening their own cybersecurity workforces.
The Electric Sector Cybersecurity Risk Maturity Model Pilot is a new White House initiative led by the Department of Energy to develop a model to help us identify how secure the electric grid is from cyber threats and to test that model with participating utilities.