Any reduction in Energy Department’s cybersecurity resources a mistake

Excerpt

In March, a bipartisan group of senators led by Jim Risch (R-Idaho) and Angus King (I-Maine) sent a letter to Energy Secretary Jennifer Granholm expressing support for the department’s Office of Cybersecurity, Energy Security, and Emergency Response (CESER). Joined by the chair and ranking member of the Senate Committee on Energy and Natural Resources, the letter highlighted the vital role CESER plays “in protecting the nation’s critical energy infrastructure from cyber threats, physical attacks, and other disruptive events.” More than a month later, the Biden administration has still not nominated an assistant secretary to lead the office.

The letter reflects the senators’ concerns that the Biden administration is considering downgrading the CESER billet from the assistant secretary level to make space for new assistant secretary assignments for justice and jobs. Coming on the heels of a Government Accountability Office (GAO) report highlighting the Department of Energy’s (DOE) unfinished work to secure the nation’s electric grid and supply chains, Secretary Granholm would be making a mistake if she were to reduce the seniority of cybersecurity leadership at the department.

As the sector risk management agency for the energy sector, DOE has done important work to address vulnerabilities in electrical generation and transmission systems, but as the GAO report concluded, there is more work to be done. DOE’s cybersecurity plans “do not fully address risks to the grid’s distribution systems.” In response, DOE acknowledged GAO’s assessment, agreed with its recommendation, and then pointed to two ongoing CESER research projects aimed at improving the cybersecurity of these systems. This remaining work is critical for securing the part of the electric grid that delivers (distributes) the electricity produced in power plants (generation), transmitted through high-voltage systems (transmission), the last mile to our homes and businesses.

Retired Rear Admiral Mark Montgomery is a senior fellow at the Foundation for Defense of Democracies (@FDD), senior director of FDD’s Center on Cyber and Technology Innovation (CCTI), and senior advisor to the chairmen of the Cyberspace Solarium Commission. Follow him on Twitter @MarkCMontgomery. Tasha Jhangiani, a research analyst at the Cyberspace Solarium Commission and a Future Digital Security Leaders Fellow at the Institute for Security and Technology, contributed. Follow her on Twitter @tasha_jhangiani. FDD is a nonpartisan research institute focused on national security and foreign policy. Congress established the Cyberspace Solarium Commission to “develop a consensus on a strategic approach to defending the United States in cyberspace against cyber attacks of significant consequences.”