Attacks and Vulnerabilities
Critical infrastructure
Identity and Access Management (IAM)
Industrial Cyber Attacks
Malware, Phishing & Ransomware
News
System Design & Architecture
Threat Landscape
Utilities: Energy & Power, Water, Waste

DOE invests $45 million to fortify US energy sector to enhance cybersecurity, protect from cyber threats

February 28, 2024
DOE invests $45 million to fortify US energy sector to enhance cybersecurity, protect from cyber threats

The U.S. Department of Energy (DOE) announced Monday a funding of US$45 million to protect the nation from cyber threats and improve cybersecurity in its energy sector. The agency announced 16 research, development, and demonstration (RD&D) projects selected by the Office of Cybersecurity, Energy Security, and Emergency Response (CESER) across six states to develop new tools and technologies to prevent cyber attacks and reduce energy disruptions from cyber incidents. 

The latest announcement underscores the U.S. administration’s commitment to bolstering America’s energy and national security. It also helps ensure power continues to flow safely and reliably to communities across the nation.

The six topic areas covered by the CESER included automated cyberattack prevention and mitigation; security and resiliency by design; authentication mechanisms for energy delivery systems; automated methods to discover and mitigate vulnerabilities; cybersecurity through advanced software solutions; and integration of new concepts and technologies with existing infrastructure.

Cyber attacks can cause significant disruption to the reliable flow of energy to American homes, businesses, and communities. This investment will address various current and emerging cyber threats facing energy systems from generation through delivery. Accelerating investments in cybersecurity is critical to achieving President Joe Biden’s ambitious clean energy and climate goals and essential to ensuring a secure, reliable energy supply for American families and businesses.

“DOE is committed to strengthening the nation’s energy sector, including protecting it against current or emerging cyber threats that would threaten Americans’ access to secure, reliable energy,” Jennifer M. Granholm, the U.S. Secretary of Energy, said in a media statement. “With today’s announcement, the Biden-Harris Administration is helping teams across the country develop innovative next-generation cybersecurity solutions for tackling modern-day challenges.”

Last week, the DOE announced its support for the newly released cybersecurity guidelines aimed at electric distribution systems and distributed energy resources (DER) like solar, wind, and storage. The publication underscores the Biden-Harris Administration’s dedication to enhancing the national and energy security of the United States, as well as achieving the President’s objective of a net-zero emissions economy by 2050.

Selected projects will catalyze the development of solutions to address cybersecurity issues across the energy sector, supporting the advancement of a secure, resilient, and reliable energy system for all. To deliver on these capabilities, DOE is partnering with industry stakeholders, vendors, national laboratories, and academic institutions to tackle some of the most pressing issues in energy cybersecurity.

Furthermore, selection for award negotiations is not a commitment by DOE to issue an award or provide funding. Before funding is issued, DOE and the applicants will undergo a negotiation process, and DOE may cancel negotiations and rescind the selection for any reason during that time.  

Some of the selected projects include the Electric Power Research Institute (EPRI), based in Palo Alto, California to develop an advanced artificial intelligence (AI) and data processing capability to detect and respond to cybersecurity incidents in control system endpoints at the grid edge. The General Electric, GE Research, based in Niskayuna, New York, will develop an innovative ability using quantum communication to securely communicate time-sensitive coordination messages that are important to the resiliency of the power grid.    

The Georgia Tech Research Corporation, based in Atlanta, Georgia, will develop ‘DerGuard,’ a framework utilizing AI techniques for automated vulnerability assessment, discovery, and mitigation in DER devices. The Texas A&M University-Kingsville, based in Kingsville, Texas, will research, develop, and demonstrate a zero-trust authentication mechanism with post-quantum cryptography to reduce the cyber-physical security risks to DER devices and networks.

Also, the Iowa State University of Science and Technology, located in Ames, Iowa, will develop technical solutions to be incorporated within the initial stages of the future DER-integrated grid infrastructure development lifecycle for a more resilient operation of critical control functions.

Last month, the CESER announced the release of a $30 million funding opportunity (FOA) for research, development, and demonstration (RD&D) of cybersecurity tools and technologies to protect clean energy infrastructure. The Cyber RD&D FOA for Clean Energy Infrastructure supports CESER’s ongoing work to develop next-generation technologies to protect the nation’s clean energy infrastructure from increasing cyber threats.

Also, the DOE announced that it has granted up to $70 million in funding to support research into technologies designed to increase resilience and reduce risks to energy delivery infrastructure from a variety of hazards, including cyber and physical threats, natural disasters, and climate-change fueled extreme weather events.

Anna Ribeiro
Industrial Cyber News Editor. Anna Ribeiro is a freelance journalist with over 14 years of experience in the areas of security, data storage, virtualization and IoT.

A complimentary guide to the who`s who in industrial cybersecurity tech & solutions

Free Download

Related

Dragos reports decline in ransomware attacks on industrial sector amid law enforcement measures
Dragos reports decline in ransomware attacks on industrial sector amid law enforcement measures
MITRE's CREF Navigator aligns with DoD's CMMC to boost cyber resilience in defense industrial base
MITRE’s CREF Navigator aligns with DoD’s CMMC to boost cyber resilience in defense industrial base
UK’s NCSC debuts CAF v3.2 to address rising threats to critical national infrastructure, boosts cybersecurity readiness
UK’s NCSC debuts CAF v3.2 to address rising threats to critical national infrastructure, boosts cybersecurity readiness
Cisco Talos details ArcaneDoor campaign found targeting perimeter network devices across critical infrastructure
Cisco Talos details ArcaneDoor campaign found targeting perimeter network devices across critical infrastructure
Forescout report warns of growing security risks to critical infrastructure as OT/ICS exposed data escalates
Forescout report warns of growing security risks to critical infrastructure as OT/ICS exposed data escalates
ASIS Foundation reports on impact of autonomous vehicles on security and technology
ASIS Foundation reports on impact of autonomous vehicles on security and technology
European Commission makes €112 million investment in AI, quantum research under Horizon Europe program
European Commission makes €112 million investment in AI, quantum research under Horizon Europe program
MITRE unveils ATT&CK v15 with upgraded detections, analytic format, cross-domain adversary insights
MITRE unveils ATT&CK v15 with upgraded detections, analytic format, cross-domain adversary insights
RMC
Risk Mitigation Consulting acquires Securicon, boosting cybersecurity and mission assurance offerings
Hackers target Tipton Municipal Utilities wastewater treatment plant, prompting federal investigation
Hackers target Tipton Municipal Utilities wastewater treatment plant, prompting federal investigation