100-Day Plan to Enhance Electrical Grid Security UnveiledBiden Administration Plan Is Part of a Broader Critical Infrastructure Protection Effort
The Biden administration is rolling out a 100-day plan to improve cybersecurity and address cyberthreats across the nation's electrical grid.
The White House says the program is part of a broader cybersecurity plan designed to address issues across the nation's critical infrastructure.
The 100-day initiative will involve government agencies that are responsible for the security of critical infrastructure as well as businesses and private utilities that oversee or own infrastructure, such as electrical distribution systems that deliver power to homes.
"Public-private partnership is paramount to the administration's efforts because protecting our nation's critical infrastructure is a shared responsibility of government and the owners and operators of that infrastructure," says Emily Horne, a spokesperson for the National Security Council.
Some lawmakers and a government watchdog agency have recently criticized the Department of Energy for its cybersecurity practices, especially in the wake of the SolarWinds supply chain attack, which led to follow-on attacks on the DOE and eight other federal agencies, plus 100 companies.
In March, the Government Accountability Office released a report that found the U.S. electrical grid's distribution systems, which deliver electricity directly to customers, are increasingly vulnerable to cyberthreats and urged the Energy Department to incorporate these systems into its cybersecurity plans (see: GAO: Electrical Grid's Distribution Systems More Vulnerable).
Some security experts have criticized President Joe Biden's $2 trillion infrastructure spending proposal for lacking cybersecurity specifics, including security enhancements for the nation's electrical grid. Others analysts, however, noted that any improvements in infrastructure would likely strengthen security by updating and replacing older equipment (see: Biden's Infrastructure Plan: 3 Cybersecurity Provisions).
As part of the 100-day plan for the nation's electrical grid, the Energy Department's Office of Cybersecurity, Energy Security, and Emergency Response, or CESER, will work with the Cybersecurity and Infrastructure Security Agency and private utilities to make a series of cybersecurity improvements.
The goals of the project include:
- Encouraging owners and operators of power plants and facilities to enhance security incident detection, mitigation, response and forensic capabilities;
- Deploying technologies to allow for real-time situational awareness within industrial control systems and operational technology networks;
- Reinforcing the IT networks and infrastructure used within facilities;
- Deploying technologies to increase the visibility of threats within ICS and OT systems.
The Energy Department also is seeking suggestions from electric utilities, energy companies, academia, research laboratories, government agencies and others for improving supply chain security within U.S. energy systems.
While the emphasis on protecting and shoring up cybersecurity around the nation's electrical grid is long overdue, updating and improving complex OT and ICS systems will be a time-consuming process, says Austin Berglas, who formerly was an assistant special agent in charge of cyber investigations at the FBI's New York office.
"Operational technology - or computing systems used to manage industrial operations opposed to administrative actions - often rely on outdated, unprotected systems that were not manufactured with security in mind," says Berglas, who is now global head of professional services at cybersecurity firm BlueVoyant. "In many instances, this will require a complete transformation of process and technology. There will need to be a significant investment in resources, both human and capital, to bring many energy companies up to a higher standard of cybersecurity."
Padraic O'Reilly, co-founder and chief product officer of CyberSaint Security, also notes that when making changes and updates to ICS and OT systems, the federal government is in a unique position to help private organizations focus on what needs to be modernized.
"With so much of the infrastructure privatized and in need of modernization, it can be difficult to get everyone pulling in the same direction, and the Department of Energy and CISA can really help with this," O'Reilly says.
Lawmakers are growing more concerned about cyberthreats facing the nation's electrical grid, including from nation-state attackers and others.
In March, a bipartisan group of U.S. senators sent a letter to Energy Secretary Jennifer Granholm demanding that the DOE place a greater emphasis on cybersecurity as part of strategic planning and that the new administration keep the leadership of CESER in place to better respond to threats (see: Senators Raise Concerns About Energy Dept. Cybersecurity).
At a recent U.S. Senate Intelligence Committee hearing, Sen. Dianne Feinstein, D-Calif., asked Gen. Paul Nakasone, the head of the U.S. Cyber Command and the National Security Agency, about China's ability to use cyber tools to disrupt natural gas pipelines and Russia's ability to interfere with the U.S. electrical grid (see: Senators Push for Changes in Wake of SolarWinds Attack).
Nakasone acknowledged that China and Russia have continued to improve their cyber capabilities and noted that the U.S. government is looking to strengthen its defenses for critical infrastructure.