Protecting America’s energy systems from cyber attacks and other risks is a top national priority. The Department of Energy’s DOE Multiyear Plan for Energy Sector Cybersecurity, which was released today, lays out an integrated strategy to reduce cyber risks in the U.S. energy sector by pursuing high-priority activities that are coordinated with other DOE offices, and with the strategies, plans, and activities of the federal government and the energy sector. This Plan will provide a critical foundation to the Office of Cybersecurity, Energy Security, and Emergency Response (CESER). The Plan outlines a game-changing strategy for DOE, informed by the energy industry’s highest-priority needs, which will continue to be built upon by CESER leadership. The Plan identifies the goals, objectives, and activities that DOE will pursue over the next five years to reduce the risk of energy disruptions due to cyber incidents.
Reliable energy and power is the cornerstone of our advanced digital economy and is essential for critical operations in transportation, water, communications, finance, food and agriculture, emergency services, and more. Today, any cyber incident has the potential to disrupt energy services, damage highly specialized equipment, and threaten human health and safety. As nation-states and criminals increasingly target energy networks, the federal government must help reduce cyber risks that could trigger a large-scale or prolonged energy disruption. While the Plan outlines activities specifically for DOE, we look forward to conducting these efforts in close partnership with the energy industry and federal and non-federal partners throughout the nation.