On March 18, 2021, the U.S. Department of Energy (DOE) Office of Cybersecurity, Energy Security and Emergency Response (CESER) announced "three new research programs to safeguard the U.S. energy system from growing cyber and physical hazards." The initiatives "will ramp up protections by [1] addressing potential global supply chain security vulnerabilities, [2] protecting critical infrastructure from electromagnetic and geomagnetic interference, and [3] building a research and talent pipeline for next-generation cybersecurity."

Energy Secretary Jennifer M. Granholm connected the efforts to "unprecedented threat levels from hackers, foreign actors, and natural catastrophes supercharged by climate change," as well as the importance of "resilient electrical infrastructure" to President Biden's clean energy goals.

The new programs will seek to:

  1. "Secure against vulnerabilities in globally-sourced technologies." CESER will work to enhance security by "joining with Schweitzer Engineering Laboratories in the Cyber Testing for Resilient Industrial Control System (CyTRICST) program . . . to use state-of-the-art analytics to test the various digital tools used by energy sector partners for security issues." This "will make it easier to identify and address potential vulnerabilities within industrial control systems before bad actors can exploit them."
  2. "Develop solutions to electromagnetic and geomagnetic interference." Such risks include "electromagnetic pulse (EMP) attacks and less likely, but equally devastating geomagnetic disturbance (GMD) events-both of which could overload and damage energy systems." In this regard, DOE notes that it is already "collaborating with various utilities and labs on efforts to test, model, and assess systemic vulnerabilities to electromagnetic and geomagnetic interference." Additional research "will inform development of methods for protecting and mitigating impacts [of EMP and GMD events] on energy infrastructure."
  3. "Cultivate research on cybersecurity solutions and new talent needed to deploy." Here, DOE will "tap[] into the innovative capacity of American universities to develop new cybersecurity technologies and train the next generation of cybersecurity experts employed by the energy sector," including through new funding opportunities.

Additional information on CESER and its work is available here.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.