Why is Industry-Government Collaboration Required to Secure the...

Why is Industry-Government Collaboration Required to Secure the Energy Infrastructure?

By Energy CIO Insights | Wednesday, May 27, 2020

The energy industry is adopting digitization at a quick pace and it has to collaborate with the government to safeguard themselves against cyberattacks.

FREMONT, CA: The modern world is highly energy-dependent and highly interconnected. A nation’s security, economic prosperity, and the well-being of the citizens depend on reliable energy infrastructure. A cyber attack on a power grid can cause a lot of disruption in the country and affect millions of lives. Thus, energy providers must be cyber-resilient and secure the energy infrastructure in the industry, and the government has to collaborate. Today, the most crucial priority of the energy industry is to understand the risks and the mitigation strategy. The National Association of Regulatory Utility Commissioners (NARUC) Committee on Critical Infrastructure received an update from its industry partners at their 2019 Winter Policy Summit.      

Representatives from the Federal Energy Regulatory Commission (FERC), the U.S. Department of Energy (DOE), the Edison Electric Institute (EEI), and the Electric Power Research Institute (EPRI) briefed the committee about their recent advancements in safeguarding the energy industry from physical and cyber threats. As designated by Presidential Policy Directive 21 (PPD-21), the energy sector is one of the 16 critical infrastructure sectors. Scott Aaronson, vice president of security and preparedness at EEI, says, “The partnership between the electricity subsector and the government has been viewed as the best in class among the 16 critical infrastructure sectors.” 

Kate Marks of DOE presented the committee with the overview of Energy Security and Emergency Response (CESER), which is the Office of Cybersecurity established in February 2018 by the U.S. Secretary of Energy, Rick Perry. “CESER was set up to ensure that DOE works in tandem with the industry and the government to protect U.S. energy infrastructure against cyberattacks, all hazards, disruptive events, and against all hazards,” remarks Kate.

Kate further said that DOE is the agency for energy as well as cybersecurity in the energy sector. The Energy Government Coordinating Council (EGCC) engages with the energy industry through the Oil, and Natural Gas Sector Coordinating Council (ONG SCC) and the electricity subsector coordinating council (ESCC) and is led by the DOE.

CESER has set three priorities, such as improving the understanding of risks and their mitigation processes, building capacity across industry and government, and clarifying industry and government roles in cybersecurity. One of the essential duties of the office is to share information. The Department of Energy shares threat information via reports, conference calls, and quarterly threat briefings. DOE uses a secure website, ISERnet, which is managed by the Infrastructure Security and Energy Restoration (ISER).    

David Andrejcak, the deputy director of the Office of Energy Infrastructure Security (OEIS), addressed the committee as well, saying, “The OEIS provides expertise, assistance, and advice to other federal and state agencies, jurisdictional utilities, and congress on threats.” Andrejcak also said that a technical conference on Security Investments for Energy Infrastructure would be conducted in March by FERC and DOE. The conference will address the physical and cyber practices to secure energy infrastructure as well as incentives and cost recovery by the government.  This indicates that cybersecurity is crucial in the energy industry. Lastly, the industry, and the government will continue to accomplish their shared goals of protecting the energy industry from all threats.

See Also :- Top Enterprise Security Solution Companies

Weekly Brief

Read Also