Blog

Energy Department Releases Guidance for Implementation of Cybersecurity Framework

The Energy Department today released guidance to help the energy sector establish or align existing cybersecurity risk management programs to meet the objectives of the Cybersecurity Framework released by the National Institutes of Standards and Techno...

Office of Electricity

January 8, 2015
minute read time

The Energy Department today released guidance to help the energy sector establish or align existing cybersecurity risk management programs to meet the objectives of the Cybersecurity Framework released by the National Institutes of Standards and Technology (NIST) in February 2014.  The voluntary Cybersecurity Framework consists of standards, guidelines, and practices to promote the protection of critical infrastructure and was developed in response to Executive Order 13636 “Improving Critical Infrastructure Cybersecurity” through collaboration between industry and government.     

Strengthening the security and resilience of the nation’s critical infrastructure to maintain a cyber environment that encourages efficiency, innovation, and economic prosperity while promoting safety, privacy, and civil liberties is vital to national and economic security. Today’s release of the Energy Sector Cybersecurity Framework Implementation Guidance is another important step in helping industry create and sustain resilient systems that can survive a cyber incident while maintaining critical functions by helping organizations better understand how they can leverage the framework’s prioritized approach.  In developing this guidance, we collaborated with private sector stakeholders through the Electricity Subsector Coordinating Council and the Oil & Natural Gas Subsector Coordinating Council. We also coordinated with other Sector Specific Agency representatives and interested government stakeholders.   

As the Energy Sector-Specific Agency, the Energy Department worked closely with federal and private sector partners to ensure alignment between its Cybersecurity Capability Maturity Models (C2M2) and the framework. The guidance released today discusses in detail how the C2M2, which helps organizations evaluate, prioritize, and improve their own cybersecurity capabilities, maps to the framework. The guidance also recognizes that there are a number of other risk management tools, processes, standards, and guidelines already widely used by energy sector organizations that align well with the Cybersecurity Framework.  
 
The Energy Department has a long history of working closely with federal partners, including the Department of Homeland Security, and private partners on the cybersecurity of critical energy infrastructure. Since 2010, the Department has invested more than $150 million in cybersecurity research, development and commercialization projects led by industry, universities and national labs, including new technologies that strengthen the security of energy delivery system computers against unexpected activity and of communications between field devices and control centers. All of the Department’s cybersecurity activities align with the Roadmap to Achieve Energy Delivery Systems Cybersecurity, which was developed by industry, facilitated by the Energy Department, and released in September 2011. To learn more about the Department’s support of the Administration’s strategic and comprehensive approach to cybersecurity for the grid, visit the cybersecurity section of the Department’s Office of Electricity Delivery and Energy Reliability’s website.

Patricia A. Hoffman

Photo of Principal Deputy Assistant Secretary Hoffman

Acting Assistant Secretary, Principal Deputy Assistant Secretary, Office of Electricity

Former Principal Deputy Assistant Secretary for the Office of Electricity (OE) at the U.S. Department of Energy (DOE), Ms. Patricia A. Hoffman also served as Acting Under Secretary for Science and Energy from January 2017 until November 2017 when the U.S. Senate confirmed Mark Menezes as Under Secretary of Energy. Ms. Hoffman served as Acting Assistant Secretary for OE from January 2017 until October 2017 when the OE Assistant Secretary was confirmed by the U.S. Senate.

Ms. Hoffman was named Assistant Secretary for OE from June 2010 to January 2017, after serving as Principal Deputy Assistant Secretary since November 2007. The focus of her responsibility was to provide leadership on a national level to modernize the electric grid, enhance the security and reliability of the energy infrastructure and facilitate recovery from disruptions to the energy supply both domestically and internationally. This is critical to meeting the Nation’s growing demand for reliable electricity by overcoming the challenges of our Nation’s aging electricity transmission and distribution system and addressing the vulnerabilities in our energy supply chain.

Prior to her this position, Ms. Hoffman served in a dual capacity as Deputy Assistant Secretary (DAS) for Research and Development (R&D) and Chief Operating Officer (COO) within OE. During her tenure as the DAS for R&D, she developed the long-term research strategy and improved the management portfolio of research programs for modernizing and improving the resiliency of the electric grid. This included developing and implementing sensors and operational tools for wide-area monitoring, energy storage research and demonstration, and the development of advanced conductors to increase the capacity and flexibility of the grid. She also initiated a new research effort focused on integrating and distributing renewable energy through the electric grid, such as promoting plug-in hybrid electric vehicles and implementing smart grid technologies to maintain system reliability. As COO, she managed the OE business operations, including human resources, budget development, financial execution, and performance management.

Prior to joining OE, she was the Program Manager for the Federal Energy Management Program within the Office of Energy Efficiency and Renewable Energy at DOE. This program guides the Federal government to “lead by example” promoting energy efficiency, renewable energy, and smart energy management. Complementing her building energy efficiency experience, she also was the Program Manager for the Distributed Energy Program, which conducted research on advanced natural gas power generation and combined heat and power systems. Her accomplishments included the successful completion of the Advanced Turbine System program resulting in a high-efficiency industrial gas turbine power generation product.

Ms. Hoffman holds a Bachelor of Science and a Master of Science in Ceramic Science and Engineering from Pennsylvania State University.

Tags:
  • Cybersecurity
  • Energy Security
  • Electricity Industry Insights