DoE Releases Supply Chain Cyber Guide

Building in Protections During Product Design, Manufacturing
DoE Releases Supply Chain Cyber Guide

The Department of Energy has released new guidance to help strengthen energy delivery system cybersecurity.

See Also: Managing Access & Risk in the Increasingly Connected Operational Technology Environment

The guidance, Cybersecurity Procurement Language for Energy Delivery Systems, provides strategies and suggested language to help the U.S. energy sector and technology suppliers build in cybersecurity protections during product design and manufacturing.

"As the cybersecurity landscape continues to evolve, new threats, technologies, techniques, practices and requirements may need to be considered during the energy sector procurement process," the guidance says. "This document will also need to evolve to meet the challenges of this changing landscape."

The guidance provides baseline cybersecurity procurement language for the following:

  • Individual components of energy delivery systems (e.g., programmable logic controllers, digital relays or remote terminal units);
  • Individual energy delivery systems;
  • Assembled or networked energy delivery systems.

"The Energy Department is committed to building a stronger and more secure electric grid through partnerships with industry, state and local governments and other federal agencies," says Energy Secretary Ernest Moniz. "As we deploy advanced technologies to make the U.S. power grid more reliable and resilient, we must simultaneously advance cybersecurity protections. The cybersecurity guidance ... will help industry further strengthen these technologies and protect our critical energy infrastructure."

White House Cybersecurity Coordinator Michael Daniel says managing supply chain risk is a key cybersecurity challenge. "This new guidance is a great example of the Administration's continued emphasis on building a strong partnership between industry and government," he says. "These efforts have produced tangible results, including this resource, which will enable organizations to use the principles in the new cybersecurity framework to address supply chain considerations."

About the Author

Jeffrey Roman

Jeffrey Roman

News Writer, ISMG

Roman is the former News Writer for Information Security Media Group. Having worked for multiple publications at The College of New Jersey, including the College's newspaper "The Signal" and alumni magazine, Roman has experience in journalism, copy editing and communications.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.