DOE Cybersecurity Office to Brief New Report on Electric Grid

October 31, 2022 by Dan McCue
DOE Cybersecurity Office to Brief New Report on Electric Grid

WASHINGTON — Federal officials will brief a new report outlining the key cybersecurity recommendations for clean energy integration, grid modernization and distributed energy resources on Monday, Nov. 7.

The report was prepared by the Department of Energy’s Office of Cybersecurity, Energy Security and Emergency Response and the Office of Energy Efficiency and Renewable Energy.

During the virtual briefing, the Idaho National Laboratory will provide a briefing on the energy sector threat landscape and its significance for distributed energy resources.

The report notes that the U.S. electric grid is undergoing significant changes as the U.S. transitions to a clean energy future and stresses that it is important, while this occurs, to ensure that cybersecurity is incorporated into new devices, systems, and infrastructure and that “security by design” is a core component of these systems.

The report provides an overview of cybersecurity considerations that should be considered by the power sector, including utilities and distributed energy resources operators, providers, integrators, developers, and vendors.

However, agency officials note the report is not meant to be a comprehensive review of cybersecurity considerations for the energy industry, but rather will serve as a catalyst for further conversations between industry and government stakeholders.

“The industry must partner with the energy sector and government efforts to address these challenges over the next decade,” the report says. “This means ensuring that new controls and software interfaces for these smart devices are cybersecure and standardized to mitigate emerging cyber risks. 

“Securing the [electric grid] also will require addressing the varying ways that DER operate, including their different controls and the fact that owner/operator entities do not have a defined role in securing the grid. Other challenges include assessing how cyberattacks could affect grid operations,” it says.

The report notes that existing cybersecurity standards and best practices, such as multifactor authentication, endpoint detection and response, encryption, and a skilled and empowered security team, may need to be refined for specific deployment use cases. 

“When implementing cybersecurity requirements, grid and planners should build cyberdefenses with the goal of surviving an attack while maintaining critical functionality,” the report says. 

“Future systems must be designed, built, and operated in an enforced zero-trust model where data is validated using cryptographically secure mechanisms informed by standards, testing, and vulnerability assessments. Broad industry involvement is key to the development, approval, and implementation of robust cybersecurity standards.”

Dan can be reached at [email protected] and at https://twitter.com/DanMcCue.

 


A+
a-
  • grid
  • In The News

    Health

    Voting

    Cybersecurity

    July 18, 2023
    by Tom Ramstack
    Congress Told AI Holds Great Risks and Benefits for US Military

    WASHINGTON — Artificial intelligence experts warned Tuesday during a congressional hearing of ominous dangers for the United States if it... Read More

    WASHINGTON — Artificial intelligence experts warned Tuesday during a congressional hearing of ominous dangers for the United States if it falls behind in developing the technology but a bright future by taking the lead. One of the greatest risks would be defending against a foreign enemy... Read More

    July 17, 2023
    by Dan McCue
    DOE, Sandia Labs to Host Bioenergy Cybersecurity Workshop

    WASHINGTON — The Department of Energy’s Bioenergy Technologies Office is partnering with the Sandia National Laboratories in New Mexico to... Read More

    WASHINGTON — The Department of Energy’s Bioenergy Technologies Office is partnering with the Sandia National Laboratories in New Mexico to present a virtual workshop on the cybersecurity risks in biofuel and bioproduct manufacturing. The Microsoft Teams session will be held on Sept. 11 from 1 p.m.... Read More

    May 17, 2023
    by Tom Ramstack
    US Prosecutors Indict Russian for Ransomware Attacks

    WASHINGTON — The Justice Department indicted a Russian citizen Tuesday prosecutors accused of ransomware campaigns that netted him and his... Read More

    WASHINGTON — The Justice Department indicted a Russian citizen Tuesday prosecutors accused of ransomware campaigns that netted him and his conspirators about $200 million in stolen payments. The victims were mostly in the United States. They included nonprofits, hospitals and police departments, such as the Washington,... Read More

    Congress Eyes New Rules for Tech: What's Under Consideration

    WASHINGTON (AP) — Most Democrats and Republicans agree that the federal government should better regulate the biggest technology companies, particularly... Read More

    WASHINGTON (AP) — Most Democrats and Republicans agree that the federal government should better regulate the biggest technology companies, particularly social media platforms. But there is very little consensus on how it should be done. Should TikTok be banned? Should younger children be kept off social... Read More

    April 19, 2023
    by Tom Ramstack
    House Panel Demands Stronger Cybersecurity in Wake of Health Records Breach

    WASHINGTON — A month after cyberthieves looted a local health insurance database making off with the sensitive personal records of... Read More

    WASHINGTON — A month after cyberthieves looted a local health insurance database making off with the sensitive personal records of members of Congress and thousands of others, a member of a congressional panel looking into the incident on Wednesday declared "that may not be the full... Read More

    March 16, 2023
    by Tom Ramstack
    SEC Seeks Court Order in Investigation of Chinese Cyberattack

    WASHINGTON — A Securities and Exchange Commission investigation of a Chinese cyberattack is being opposed by some of Washington, D.C.’s... Read More

    WASHINGTON — A Securities and Exchange Commission investigation of a Chinese cyberattack is being opposed by some of Washington, D.C.’s biggest law firms. The SEC says it is trying to investigate the extent of 2020 cyberattacks in the United States, such as the one that penetrated... Read More

    News From The Well
    scroll top