New Research Effort Enhances Transparency, Will Make It Easier for Consumers and Users of Technology to Evaluate Security and Make Informed Purchases
WASHINGTON, D.C. — The Biden-Harris Administration, through the U.S. Department of Energy’s (DOE) Office of Cybersecurity, Energy Security and Emergency Response (CESER), today announced a new initiative to research and develop cybersecurity labeling for energy products. Funded by President Biden’s Bipartisan Infrastructure Law, this effort will mobilize researchers from six National Laboratories to explore the best methods to present information about security features in energy products to inform consumer decisions. The effort, led by the Federal Communications Commission (FCC), supports the Biden-Harris Administration’s new “U.S. Cyber Trust Mark” program and aims to help Americans more easily choose smart devices that are safer and less vulnerable to cyberattacks.
“Today’s announcement marks an important milestone in our journey toward a more secure energy sector to benefit all Americans,” said Puesh Kumar, Director of the DOE Office of Cybersecurity, Energy Security, and Emergency Response. “We look forward to partnering with the Federal Communications Commission, the Cybersecurity and Infrastructure Security Agency, DOE National Laboratories, and our industry partners to advance the cybersecurity of energy systems.”
The DOE Cybersecurity Labeling Research Program will encourage vendor innovation and investment in product security and improve transparent communication about security in the energy product marketplace. At the conclusion of this one-year effort, findings, including the label concept and lessons learned, will be shared with all involved partners and will inform full implementation by the FCC.
Participating laboratories include Lawrence Livermore National Laboratory, Idaho National Laboratory, National Renewable Energy Laboratory, Oak Ridge National Laboratory, Pacific Northwest National Laboratory, and Sandia National Laboratories, with planned participation from industry partners as well.
DOE’s Continued Commitment to Enhancing Cybersecurity
The cybersecurity labeling initiative is part of the Department’s larger Energy Cyber Sense program focused on supply chain risk management and security. The Energy Cyber Sense program aims to collaborate with energy industry and manufacturers for identifying and mitigating supply chain cybersecurity risks and building the resources and capabilities for a secure energy delivery systems supply chain.
DOE’s Cyber-Informed Engineering (CIE) is an emerging method to engineer cybersecurity protections into energy infrastructure from the earliest phases of the design process. Both CIE and the new U.S. Cyber Trust Mark program support the agency’s overall effort to improve supply chain cybersecurity for the U.S. energy sector.
Funding for the cyber labeling initiative is provided through the Bipartisan Infrastructure Law, which is enabling DOE to make game-changing investments in research and development, demonstration, and deployment programs to strengthen the security and resilience of the U.S. energy sector.
For more information about DOE’s efforts to secure the nation’s energy sector, please visit: www.energy.gov/ceser.