New DOE Office to Focus on Cyber Threats to Energy Sector

By Tom O’Keefe, consultant

Facing mounting cybersecurity challenges, the Department of Energy recently created a new office, the Office of Cybersecurity, Energy Security, and Emergency Response (CESER). Karen Evans, a long-term fixture in cybersecurity in the federal government, was confirmed to lead the office on September 4, 2018. Dedicated to shoring up the cybersecurity of the U.S. energy grid, as well as protecting its own IT assets, the formation of CESER yet again demonstrates the government’s focus on protecting critical infrastructure from foreign attacks.

There are opportunities for industry within CESER, although it’s not your typical cyber play, like protecting against malware and viruses; it’s more about threat intelligence, information sharing and cyber situational awareness.

Threat intelligence: CESER will act as a collection center for information on threats against the domestic energy sector, which is designated by the Department of Homeland Security as a part of U.S. “critical infrastructure.” The types of information collected here will include any threats against energy production systems, operational technology networks (SCADA and other industrial control devices) and similar systems that could impact the resiliency of the U.S. energy grid.

Information sharing: CESER will serve as a centralized information hub for threats from nation states, bad actors and other potential vulnerabilities to the U.S. energy grid. A key part of this is the dissemination of information to the membership of the Cybersecurity Risk Information Sharing Program (CRISP), a voluntary public-private partnership whose members provide over 75 percent of electricity to U.S. customers. Opportunities here will include the ability to easily organize, share and distribute information to energy grid stakeholders to ensure there are no major interruptions in the delivery of electricity to U.S. consumers.

Cyber situational awareness: CESER will monitor who and what are planning to attack the U.S. and ensure that states, localities, and private operators of the energy grid know if anything is happening in real-time. Projects like the Cybersecurity for the Operational Technology Environment (CYOTE) provide real-time observation of anomalous traffic on networks and can identify if threats are imminent. There’s a chance here for industry to help with networking monitoring tools and penetration testing of energy networks.

This new office has asked for more than $180M in the FY19 budget request, so there’s a sizable amount of opportunity here for technology vendors who sell into DOE. Make sure to tailor your message around cyber situational awareness and threat intelligence and you’ll likely have success selling into the new organization at the Department of Energy!

Like what you just read? Subscribe to immixGroup’s Government Sales Insider blog.