The U.S. Department of Energy (DOE) Energy Threat Analysis Center (ETAC) pilot led by the Office of Cybersecurity, Energy Security, and Emergency Response (CESER), is a public-private partnership that convenes experts from the federal government and the U.S. energy sector, joining analytic capabilities from the national laboratories with real-world threat insights to secure critical infrastructure and support the nation’s response to energy system threats.
As the U.S. energy sector continues to evolve and grow, persistent cyber threats and risks from various sources—nation states, criminals, and other malicious actors—pose significant challenges. How these threats are analyzed, addressed, and shared can vary across the energy sector and the federal government, revealing a need for enhanced collaboration, improved information-sharing, and more timely recommendations. DOE is the Sector Risk Management Agency (SRMA) and Sector-Specific Agency (SSA) for the energy sector and works closely with public and private sector partners to secure the nation’s critical energy infrastructure.
The need and opportunity for ETAC has been broadly recognized by Congress and the Executive Branch. The Infrastructure Investment and Jobs Act (IIJA) of 2021 directed DOE to develop and carry out a program to provide operational support for energy sector cyber resilience—a charge ETAC is implementing. Additionally, the National Cybersecurity Strategy highlights ETAC as an example of the operational collaboration models that the U.S. needs to enable timely, actionable, and relevant information sharing to defend critical infrastructure. The program is currently in its pilot phase, which began in April 2023.
- Strengthen the collective defense, response, and resilience of the U.S. energy sector, by establishing a collaborative capability that allows government and industry to work together to develop actionable threat information and share actionable insights and threat mitigations.
- Improve the collective understanding of national security risks associated with the energy sector, which are or could be exploited by adversaries.
- Achieve a deeper understanding of threat actor tactics, capabilities, and activities which potentially impact systemic risks to the energy sector.
- Facilitate increased sharing and analysis of actual and likely threat activity between the energy sector and government, to ensure energy security and resilience for all Americans.
Partnership and Collaboration
ETAC will meet its objectives through operational coordination across government and industry partners to better identify, contextualize, prioritize, and mitigate threats to our nation’s energy infrastructure.
CESER manages ETAC with support from DOE’s Office of Intelligence and Counterintelligence, in partnership with the national laboratories, and in close coordination with the Cybersecurity and Infrastructure Security Agency (CISA) Joint Cyber Defense Collaborative (JCDC).
The national laboratories provide the analytical engine for ETAC, with partners including:
- Idaho National Laboratory
- Lawrence Livermore National Laboratory
- National Renewable Energy Laboratory
- Oak Ridge National Laboratory
- Pacific Northwest National Laboratory