DoE Releases Framework Guidance

Wednesday, January 14, 2015 @ 10:01 AM gHale


The Department of Energy (DoE) released guidance to help the energy sector establish or align existing cybersecurity risk management programs to meet the objectives of the Cybersecurity Framework released by the National Institutes of Standards and Technology (NIST) in February 2014.

The voluntary Cybersecurity Framework consists of standards, guidelines, and practices to promote the protection of critical infrastructure and ended up developed in response to Executive Order 13636 “Improving Critical Infrastructure Cybersecurity” through collaboration between industry and government.

RELATED STORIES
Smart Grid Framework Updated
Security a Top Concern at Utilities
Smart Grid Framework 3.0 Available
Electric Grid Size Matters

The Framwork enables organizations — regardless of sector, size, degree of cybersecurity risk, or cybersecurity sophistication — to apply the principles and effective practices of risk management to improve the security and resilience of critical infrastructure.

The concept behind the Framework is to not replace or limit an organization’s risk management process and cybersecurity program, but enhance a program.

Each sector and individual organization can use the Framework in a tailored manner to address its cybersecurity objectives.

In developing this guidance, the Energy Department collaborated with private sector stakeholders through the Electricity Subsector Coordinating Council and the Oil & Natural Gas Subsector Coordinating Council. DoE also coordinated with other Sector Specific Agency representatives and interested government stakeholders.

Click here to view the Energy Sector Cybersecurity Framework Implementation Guidance.



Leave a Reply

You must be logged in to post a comment.