Subscribe to receive Urgent Communications Newsletters
Catch up on the latest tech, media, and telecoms news from across the critical communications community
DOE issues cybersecurity best practices for securing clean-energy supply chains
1 Min Read
The Department of Energy released a new framework of best practices for securing clean energy cyber supply chains, including key technologies used to manage and operate electricity, oil and natural gas systems.
The principles outline 10 best cybersecurity practices for suppliers, as well as 10 for consumers, with a focus on risk management, transparency, operational resilience and proactive incident response.
The Biden administration called out the heightened need for such guidance as the threat of cyberattacks against the energy sector continues to grow from both foreign and domestic actors.
Dive Insight:
The Energy Department’s Office of Cybersecurity, Energy Security, and Emergency Response developed the guidelines with input from energy automation and industrial control system manufacturers, as well as the Idaho National Laboratory, which specializes in cybersecurity research.
The department lists 10 best practice areas for both suppliers and end users. They include priorities such as maintaining vulnerability management processes for suppliers that follow industry best practices, as well as providing product support, including security patches and mitigations throughout the lifecycle of an end user transaction.
For end users, the department encourages the inclusion of contractual language for “those terms, conditions, and testing requirements that will influence your security outcomes,” and working with suppliers to fully understand and integrate appropriate cybersecurity controls and platforms.
To read the complete article, visit Utility Dive.
