Our national security depends on our ability to secure critical energy infrastructure from cyber threats and attacks. Cyber-attacks to operational technology (OT) networks in the energy sector can lead to damaged equipment and disrupt the flow of the energy people depend on every day.

Today, the Department of Energy’s (DOE) Office of Cybersecurity, Energy Security, and Emergency Response (CESER) is releasing the CyOTE: Cybersecurity for the Operational Technology Environment methodology. This methodology will help energy sector owners and operators identify, detect, and protect against cyber threats to OT networks. This CESER initiative was developed in partnership with Idaho National Laboratory (INL) with input from U.S. energy sector owners and operators.

The CyOTE methodology will enable electricity, oil, and natural gas companies to better identify malicious indicators by correlating anomalies in their operational environments (e.g., SCADA operations, alerts in relays, etc.) with cyber activity.

In the coming months, CESER will also develop case studies documenting historical attacks. These case studies will help energy sector owners and operators identify tactics, techniques, and procedures used in those attacks in order to inform their cybersecurity plans.

CESER’s release of the CyOTE methodology complements commercial security solutions and is an important step in improving energy sector cybersecurity. This initiative supports the Administration’s overall efforts to protect U.S. critical infrastructure from cyber threats and attacks as outlined in the recently announced National Security Memorandum on Improving Cybersecurity for Critical Infrastructure Control Systems and the 100-Day Plan to Address Cybersecurity Risks.

For more information, download the CyOTE methodology and read more about DOE’s CyOTE program.