Welcome to the new Energy Central — same great community, now with a smoother experience. To login, use your Energy Central email and reset your password.

Department of Energy Releases New Cybersecurity Strategy

The National Cyber-Informed Engineering Strategy is a program to develop resilient clean energy systems able to withstand cyber threats

The U.S. Department of Energy (DOE) has released its National Cyber-Informed Engineering (CIE) Strategy, which will provide a routemap for enhancing utility systems to withstand cyber attacks. The DOE recommends incorporating cybersecurity technology early in the design of engineered systems. This is an important part of the current administration's plan to reach net-zero carbon emissions by 2050.

U.S. Secretary of Energy, Jennifer M. Granholm says, “Building a powerful and resilient grid that can withstand the full gamut of modern cyber threats begins at the design level.” She continues, “Through this strategy, DOE is laying out a framework for ensuring the once-in-a-generation investment from the Bipartisan Infrastructure Law secures our energy sector and delivers a stronger, cleaner electric grid.”

The strategy is organized into five key concept areas:

  • Awareness

  • Education

  • Development

  • Current Infrastructure

  • Future Infrastructure

This program aims to reduce or eliminate cyber vulnerabilities by engineering better defenses. The CIE Strategy is also focused on reducing the impact of disruptions to the USA's critical energy infrastructure even if an attack is successful.

The National Defense Authorization Act 2020 instructed the DOE to create a multi-stakeholder working group, comprised of senior technical leaders from across government, industry, academia, and the DOE National Laboratories, to develop a new strategy to defend the USA's energy infrastructure from cybersecurity threats, vulnerabilities, and risks in the most critical industrial control systems. The DOE’s Office of Cybersecurity, Energy Security, and Emergency Response (CESER) headed the development of the National CIE Strategy and also pursued its goal of identifying new security vulnerabilities in industrial control systems as well as investigating the technologies and standards used to secure those control systems.

To download the full DOE National Cyber-Informed Engineering Strategy, click here.

2 replies