The U.S. Department of Energy's 2024 Cybersecurity Strategy
Understanding cybersecurity risks to the DOE enterprise by identifying threats, critical systems and their interdependencies and vulnerabilities, and estimating the likelihood and potential impact of cybersecurity incidents. Sound understanding of the overarching risk is required to effectively allocate resources, prioritize efforts, and develop an effective mitigation strategy.
Mitigating cybersecurity risks by applying zero trust cybersecurity principles and enhancing vulnerability management. Such protective efforts seek to reduce organizational and systemic risk of unintentional or malicious cyber activities and empower leadership to make informed risk-based decisions, improving the Department’s overall cybersecurity posture.
Enabling mission resilience through enhanced governance and collaborative activities to make the Department’s overall ecosystem more defensible. Aligning internal and external cybersecurity efforts will drive innovations that will help shift the advantage away from malicious actors toward those defending our systems and network.
Developing the workforce by improving cybersecurity awareness and capability. To protect networks and critical infrastructure, the Department must be armed with the right resources, people, and tools, including building and cultivating the workforce to effectively defend, deter, and protect our critical assets from threats.
Protecting critical energy infrastructure by ensuring cyber resilience for assets, systems, and networks that provide functions necessary for execution of the broad DOE mission. This includes partnering with key stakeholders, such as other sector-specific agencies and the private sector, to drive improved cybersecurity by promoting the development and adoption of best practices.
Cybersecurity Research, Development, and Demonstration for Energy Systems
![Illustration of data visualizations (charts and globe) overlaid on a photo of solar panels and wind turbines at sunrise](/sites/default/files/2024-11/AdobeStock_874254255.jpeg)
The U.S. Department of Energy is focused on reducing the risk of energy disruptions due to cyber events by bringing to bear the best ideas of the Federal government, the National Laboratories, private partners across the energy sector, academia, and state and local governments. Through the research, development, and demonstration (RD&D) cycle, these game-changing projects aim to enhance the speed and effectiveness of threat and vulnerability information sharing, accelerate the mitigation of cyber incidents in today’s systems, and enhance resilience while reducing risk in a quantifiable manner.
DOE moves innovative research to industry-ready solutions using a strategic mix of RD&D that focuses on both shorter-term RD&D with a high probability of rapid market readiness and game-changing RD&D that supports next-generation cyber system designs. These products are commercialized, released as guidance or open-source software, or adopted into ongoing research to develop new capabilities that help the energy sector achieve its vision of energy delivery systems that can prevent or withstand a cyberattack.
Cybersecurity RD&D Funding Opportunities
When RD&D funding opportunities become available, an application can be found at the National Energy Technology Laboratory’s Solicitations and Funding Opportunities webpage.