The Energy Department today released guidance to help the energy sector establish or align existing cybersecurity risk management programs to meet the objectives of the Cybersecurity Framework released by the National Institutes of Standards and Technology (NIST) in February 2014. The voluntary Cybersecurity Framework consists of standards, guidelines, and practices to promote the protection of critical infrastructure and was developed in response to Executive Order 13636 “Improving Critical Infrastructure Cybersecurity” through collaboration between industry and government.
Our electric grid is undergoing a major transformation, with $4.5 billion in Recovery Act funds being used to help catalyze the adoption of smart technologies and systems designed to increase the electric grid’s flexibility, reliability, efficiency, affordability, and resiliency. Titilayo Ogunyale talked with Tim Conway, Technical Director at the SANS Institute, which provides information security training and security certification, about how organizations can address the challenges of strengthening their own cybersecurity workforces.
The Electric Sector Cybersecurity Risk Maturity Model Pilot is a new White House initiative led by the Department of Energy to develop a model to help us identify how secure the electric grid is from cyber threats and to test that model with participating utilities.