DOE Cybersecurity Office to Brief New Report on Electric Grid

October 31, 2022 by Dan McCue
DOE Cybersecurity Office to Brief New Report on Electric Grid

WASHINGTON — Federal officials will brief a new report outlining the key cybersecurity recommendations for clean energy integration, grid modernization and distributed energy resources on Monday, Nov. 7.

The report was prepared by the Department of Energy’s Office of Cybersecurity, Energy Security and Emergency Response and the Office of Energy Efficiency and Renewable Energy.

During the virtual briefing, the Idaho National Laboratory will provide a briefing on the energy sector threat landscape and its significance for distributed energy resources.

The report notes that the U.S. electric grid is undergoing significant changes as the U.S. transitions to a clean energy future and stresses that it is important, while this occurs, to ensure that cybersecurity is incorporated into new devices, systems, and infrastructure and that “security by design” is a core component of these systems.


The report provides an overview of cybersecurity considerations that should be considered by the power sector, including utilities and distributed energy resources operators, providers, integrators, developers, and vendors.

However, agency officials note the report is not meant to be a comprehensive review of cybersecurity considerations for the energy industry, but rather will serve as a catalyst for further conversations between industry and government stakeholders.


“The industry must partner with the energy sector and government efforts to address these challenges over the next decade,” the report says. “This means ensuring that new controls and software interfaces for these smart devices are cybersecure and standardized to mitigate emerging cyber risks. 

“Securing the [electric grid] also will require addressing the varying ways that DER operate, including their different controls and the fact that owner/operator entities do not have a defined role in securing the grid. Other challenges include assessing how cyberattacks could affect grid operations,” it says.

The report notes that existing cybersecurity standards and best practices, such as multifactor authentication, endpoint detection and response, encryption, and a skilled and empowered security team, may need to be refined for specific deployment use cases. 

“When implementing cybersecurity requirements, grid and planners should build cyberdefenses with the goal of surviving an attack while maintaining critical functionality,” the report says. 

“Future systems must be designed, built, and operated in an enforced zero-trust model where data is validated using cryptographically secure mechanisms informed by standards, testing, and vulnerability assessments. Broad industry involvement is key to the development, approval, and implementation of robust cybersecurity standards.”


Dan can be reached at [email protected] and at https://twitter.com/DanMcCue.

 

A+
a-

In The News

Health

Voting

Cybersecurity

October 31, 2022
by Dan McCue
DOE Cybersecurity Office to Brief New Report on Electric Grid

WASHINGTON — Federal officials will brief a new report outlining the key cybersecurity recommendations for clean energy integration, grid modernization... Read More

WASHINGTON — Federal officials will brief a new report outlining the key cybersecurity recommendations for clean energy integration, grid modernization and distributed energy resources on Monday, Nov. 7. The report was prepared by the Department of Energy’s Office of Cybersecurity, Energy Security and Emergency Response and... Read More

September 16, 2022
by Dan McCue
FEC Clears Path for Warren to Spend Campaign Funds on Cybersecurity

WASHINGTON — Sen. Elizabeth Warren, D-Mass., can use campaign funds to pay for the cost of reasonable cybersecurity measures to... Read More

WASHINGTON — Sen. Elizabeth Warren, D-Mass., can use campaign funds to pay for the cost of reasonable cybersecurity measures to protect her home network, the Federal Election Commission announced on Friday. The decision came in response to an advisory opinion request on behalf of Warren Democrats... Read More

September 9, 2022
by Madeline Hughes
CISA Looking to Change Cybercrime Reporting Rules

WASHINGTON — As cybercrimes are on the rise, the Cybersecurity and Infrastructure Security Agency is asking people, businesses and other... Read More

WASHINGTON — As cybercrimes are on the rise, the Cybersecurity and Infrastructure Security Agency is asking people, businesses and other organizations for feedback on what its new reporting rules should look like. The agency released the eight-page request for information Friday asking people how the agency... Read More

July 13, 2022
by Madeline Hughes
Atlantic Council Offers New Approach to Cybersecurity  

WASHINGTON — The Atlantic Council outlined Tuesday how the U.S. government and businesses can work together to protect the nation’s... Read More

WASHINGTON — The Atlantic Council outlined Tuesday how the U.S. government and businesses can work together to protect the nation’s power grid from cyberattacks. The United States’ power grid is increasingly reliant on digital technology and the internet. This is especially true as the country moves... Read More

July 6, 2022
by Reece Nations
National Computer Forensics Institute Reauthorization Critical to Security

HOOVER, Ala. — As the National Computer Forensics Institute comes up for congressional reauthorization, forensics and cybersecurity experts told The... Read More

HOOVER, Ala. — As the National Computer Forensics Institute comes up for congressional reauthorization, forensics and cybersecurity experts told The Well News how the institute’s standardized curriculum is critical to contemporary law enforcement activities. Having a centralized hub for preparing police for handling incidents related to... Read More

May 18, 2022
by Dan McCue
Federal Agencies Told to Act Quickly to Turn Back Cyberthreat

WASHINGTON — The entity charged with protecting federal agencies from bad cyber actors issued a rare emergency directive Thursday, warning... Read More

WASHINGTON — The entity charged with protecting federal agencies from bad cyber actors issued a rare emergency directive Thursday, warning they should quickly take steps to protect themselves from vulnerabilities found in VMware. VMware is a cloud computing and virtualization technology company headquartered in Palo Alto,... Read More

News From The Well
scroll top