Energy Department launches cyber protection initiative for electrical grid

Fri, 2012-01-06 08:33 AM
By: Mark Rockwell

U.S. Energy Secretary Steven Chu unveiled an initiative on Jan. 5 to further protect the electrical grid from cyber attacks, dubbed the “Electric Sector Cyber security Risk Management Maturity” project.

The White House initiative, said Chu in a statement, is led by the Department of Energy (DOE) in partnership with the Department of Homeland Security (DHS) and will leverage private industry and public sector experts to build on existing cyber security measures and strategies to construct a more comprehensive and consistent approach to protecting the nation’s energy delivery system.

“This effort will be focused on performance-based strategies and concrete steps to measure progress of cyber security in the electric sector,” said White House Cyber Security Coordinator Howard Schmidt in the Jan. 5 DOE statement. “It is important to understand the sector’s strengths and remaining gaps across the grid to inform investment planning and research and development, and enhance our public-private partnership efforts.”

The new initiative, said DOE, will build on existing cyber security efforts by the White House and industry, to develop a “maturity model” that allows utility companies and grid operators to measure their current capabilities and analyze gaps in their cyber defenses. Maturity models, which rely on best practices to identify an organization’s strengths and weaknesses, are widely used by other sectors to improve performance, efficiency and quality, said the agency.

To launch the initiative, DOE said its leadership, the White House and DHS met on Jan. 5 with more than two dozen senior leaders from across the electric sector. Over the next several months, DOE said it will host a series of workshops with the private sector to draft a maturity model that can be used throughout the electric sector.

The agency expects more than a dozen electric utilities and grid operators to participate in the pilot program to test the maturity model, assess its effectiveness and validate results. This public-private partnership and pilot program will help develop a risk management maturity model that is expected to be made available to the electric sector later this summer, said the agency.

As cyber threats to the nation’s electrical grid become increasingly sophisticated and dynamic, the Department of Energy said it is continuing to work closely with DHS, other government agencies, and industry to reduce the risk of energy disruptions due to cyber incidents. It said that in September, it released a Roadmap to Achieve Energy Delivery Systems Cyber security and a Cyber security Risk Management Process Guideline establishing frameworks and processes to help the electricity sector manage cyber security risk. The newest initiative launched on Jan. 5, said DOE, builds on those existing efforts by taking a more tactical approach that works well for the entire electric sector.

http://www.gsnmagazine.com/node/2537...ure_protection