The Energy Department is reasserting itself in the cybersecurity landscape.
This week, the department announced more than $30 million in awards to highly advanced energy sector stakeholders in seven different states. The funding will catalyze development of technologies that will strengthen the protection of the oil and gas sector and utilities assets from cyber-breaches.
“Change is inevitable,” said Patricia Hoffman, assistant secretary at the Office of Electricity Delivery and Energy Reliability, in a blog post. “To continue adapting and meeting the challenges of today’s evolving cyber challenges, we must continue investing in new, innovative technologies that will help the energy sector stay ahead of what’s next.”
DOE’s new strategy — the Roadmap to Achieve Energy Delivery Systems Cybersecurity — guides each department’s core cybersecurity work. The Office of Electricity Delivery and Energy Reliability and Energy Sector Control Systems Working Group designed this road map with a clear vision in mind: to design, install, operate and maintain strong energy delivery systems capable of surviving cyber-attacks.
The department is putting an emphasis on bolstering its cybersecurity efforts with various programs and initiatives. DOE’s Cybersecurity for Energy Delivery Systems program supports research, development and commercialization of new technologies. Since 2010, DOE has invested more than $100 million in cybersecurity research and development with awards to national labs, universities and industry.
Secure Information Exchange Gateway for Electric Grid Operations is another DOE-funded program, which has improved security of data communication between utilities.
“Our ongoing commitment is also reflected in other ways,” Hoffman said. “Such as working closely with the White House and our federal and industry partners to spearhead the development of a tool that is now being used by the electricity industry and the oil and gas sector to improve their own cybersecurity, and our collaboration with industry to develop a risk management process.”
DOE also considered the cybersecurity of its Smart Grid Investment Grant projects, making it a requirement that all recipients of $3.4 million in DOE funding modernize their grid and develop cybersecurity plans. The plans must explain how each grant recipients will identify and mitigate cybersecurity risks, and how their systems will maintain cybersecurity efforts.