The Department of Energy is launching an initiative to enhance cyber security on the electric grid. The initiative, led by the Department’s Office of Electricity Delivery and Energy Reliability (OE), the National Institute of Standards and Technology and the North American Electric Reliability Corporation, will be an open collaboration with representatives from across the public and private sectors to develop a cyber security risk management process guideline for the electric sector.
Traditional cyber security approaches for electric utilities are segmented, with different approaches for control systems and information systems. This has resulted in cyber security requirements that are overly restrictive in some cases, and not restrictive enough in others. At best, requirements are overlapping, but more often result in gaps in cyber security coverage.
“Cyber security is vital to the development of a modern electric grid,” said OE Assistant Secretary Patricia Hoffman, “We recognize that each utility faces different risks; now we need to provide them with standard, adaptable solutions to manage those risks.”
The leadership team has invited stakeholders from across the electric sector to participate, including representatives from the Federal Energy Regulatory Commission, the Department of Homeland Security, and both publicly and privately owned utilities. The group will develop a risk management process guideline that will be made available for public review and comment before it is finalized and issued.