With recent global increases in malicious activity from our adversaries and the rapid digital transformation of our energy systems, the threat of a cyber attack on our nation’s power grid looms large. The continuous attempts from our nation state adversaries to attack the U.S. energy sector reinforce the need for proactive cybersecurity practices that can prevent widespread disruptions to the computers and networks that manage our energy delivery systems.
While cybersecurity professionals have been implementing various tactics to protect informational technology (IT) systems for years, operational technology (OT) assets, which can control power stations or public transportation, were not originally designed to defend against malicious cyberattacks. As utilities modernize grids, energy OT networks are connected to IT, which combined with continuous technology advances increases their susceptibility to potential cyber attacks. In fact, a survey by Fortinet found that 90% of surveyed OT leaders have experienced at least one intrusion in the past year, and more than 39% have seen operational outages that put their systems’ physical safety at risk.
Despite there being a clear need for OT leaders to find protection against vulnerabilities, many organizations need additional talent development and resources to better protect the grid against cyber-enabled sabotage and physical security breaches.
To better support heroes at the frontlines of OT security management, the U.S. Department of Energy’s (DOE) Office of Cybersecurity, Energy Security, and Emergency Response (CESER) created the OT Defender Fellowship Program. Sponsored by DOE and supported by Idaho National Laboratory and the Foundation for Defense of Democracies’ Center on Cyber and Technology Innovation, the elite, one-year training program offers middle- and senior-level OT security managers at utilities and refineries an opportunity to more fully understand the cyber strategies and tactics that adversarial state and nonstate actors use in targeting U.S. energy infrastructure. CESER will facilitate meetings with cybersecurity experts to help fellows understand national security issues, the threat space, and how they can lead in ensuring safe and continuous operations across the U.S. energy sector.
Security managers are a utility’s first line of defense against cyber-enabled sabotage and physical security breaches. Ensuring they are well trained and is key to hardening the OT environment and staying ahead of our adversaries. “The Department of Energy continues to do our part to fulfill the direction of the Administration’s Cyber Workforce Executive Order through the establishment of this training program as a pipeline from OT engineers to OT cyber professionals,” said Sean Plankey, Principal Deputy Assistant Secretary for CESER. “Through this initiative, we’re ensuring that front-line security managers are equipped with the resources and education they need to prepare for any cyber-events – whether that be a cyber incident or a natural disaster.”
Learn more about the OT Defender fellowship here: https://inl.gov/otdefender/