Cybersecurity for Critical Energy Infrastructure

You are here

In today’s highly interconnected world, reliable energy delivery requires cyber-resilient energy delivery systems. In fact, the nation’s security, economic prosperity, and the well-being our citizens depends on reliable energy infrastructure. As such, a top priority for the Office of Cybersecurity, Energy Security, and Emergency Response (CESER) is to make the nation’s electric power grid and oil and natural gas infrastructure resilient to cyber threats.

CESER's Cybersecurity for Energy Delivery Systems (CEDS) Division advances the research and development of innovative technologies, tools, and techniques to reduce risks to the Nation’s critical energy infrastructure posed by cyber and other emerging threats. Continuing to increase the security, reliability, and resiliency of our electricity delivery system will help ensure the success of grid modernization and transformation of the Nation’s energy systems. CEDS activities include the ongoing support of research, development, and demonstration of advanced cybersecurity solutions, acceleration of information sharing to enhance situational awareness, and technical assistance in the development and adoption of best practices.  

The vision of CESER’s cybersecurity program is that, by 2020, resilient energy delivery systems are designed, installed, operated, and maintained to survive a cyber incident while sustaining critical functions. CESER’s cybersecurity program supports activities in three key areas:

The first two strategic efforts are building the energy sector’s day-to-day operational capabilities to share cyber-incident information, improve organizational and process level cybersecurity posture, and perform cyber-incident response and recovery. The remaining effort is innovating cyber-resilient energy infrastructure through the research, development and demonstration of new tools and technologies to reduce the risk that energy delivery might be disrupted by a cyber incident.

With 90 percent of the nation’s power infrastructure privately held, coordinating and aligning efforts between the government and the private sector is vital. To achieve its vision, CESER works closely with representatives of the energy sector, companies that manufacture energy technologies, the National Laboratories, universities, other government agencies, and other stakeholders.

Industry partners include the Electricity Subsector Coordinating Council (ESCC), the Electricity Information Sharing and Analysis Center (E-ISAC), the Oil and Natural Gas Subsector Coordinating Council, and industry-led research partnerships. Federal partners include DHS via the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), Science & Technology, and the National Cybersecurity and Communications Integration Center (NCCIC); NIST Smart Grid Interoperability Panel (SGIP); DARPA; DOD and others. In particular, CESER is a member of the Networking and Information Technology Research and Development (NITRD) program that provides a forum for inter-agency coordination of networking and information technology research activities.

As the Sector-Specific Agency (SSA) for electrical infrastructure, DOE ensures unity of effort and serves as the day-to-day federal interface for the prioritization and coordination of activities to strengthen the security and resilience of critical infrastructure in the electricity subsector. Our ongoing collaboration with vendors, utility owners, and operators of the electricity and oil and natural gas sectors strengthens the cybersecurity of critical energy infrastructure against current and future threats.