Q&A U.S. Energy Department Offers $25 Million for Cybersecurity Tech

Prorootect

Level 69
Thread author
Verified
Nov 5, 2011
5,881
securityweek.com: U.S. Energy Department Offers $25 Million for Cybersecurity Tech | SecurityWeek.Com
U.S. Energy Department Offers $25 Million for Cybersecurity Tech
By Eduard Kovacs on April 16, 2018

Tweet

The United States Department of Energy (DOE) on Monday announced that it’s prepared to award up to $25 million for the research and development of technologies designed to protect the country’s energy infrastructure against cyber threats.
The funding opportunity announcement (FOA) comes from the Office of Electricity Delivery and Energy Reliability’s Cybersecurity for Energy Delivery Systems (CEDS) program and it seeks applications for researching, developing and demonstrating novel approaches to improving cyber resilient energy delivery systems.
Department-of-Energy.jpg

Specifically, the offer is for projects focusing on designing a cyber-resilient architecture for the electric and oil and natural gas (ONG) subsectors, security for the ONG environment, secure communications, secure cloud-based technologies in operational technology (OT) networks, and enhancing security in the energy sector.
Applicants must not only conduct research and develop the products, but also demonstrate them in an actual facility. Proposals, which need to be submitted until June 18, must also include a strategy for transitioning from existing systems either by commercializing the new solution or by making it open source.
“This FOA builds on DOE’s efforts with the private sector toward improving the security of the Nation's critical energy infrastructure, and reducing the risk of a cyber incident that could disrupt energy delivery,” the DOE said. “It will expand the development and adoption of energy technologies that will help ensure a more secure, resilient, and reliable electricity system.”
Learn More at SecurityWeek’s ICS Cyber Security Conference
As of last year, the DOE said it had invested more than $270 million since 2010 in cybersecurity research, development and demonstration projects led by members of the industry, universities and the agency’s own National Laboratories.
In September 2017, the Energy Department announced its intention to invest $50 million in the research and development of tools and technologies that would make the country’s energy infrastructure more resilient and secure, including more than $20 million in cybersecurity.
Earlier this year, the DOE announced the creation of the Office of Cybersecurity, Energy Security, and Emergency Response (CESER) to help the organization efficiently coordinate preparedness and response to both manmade and natural threats.
Energy facilities in the United States and the Energy Department itself have often been targeted by malicious hackers in the past years, although the attacks have not been as damaging as the ones that hit Iran, Saudi Arabia and Ukraine
 

AtlBo

Level 28
Verified
Top poster
Content Creator
Well-known
Dec 29, 2014
1,723
Thinking of a hard truth about governments, including the U.S. It's amazing and positive that they are interested, but my first thought was, "Are they ready to rethink everything?" My following thought was, if yes-> "What operating systems are you using across the entirety of the U.S. network?" Then, the hard part, answer in hand->"Do you, Congress, or the Department of Energy and other departments know EVERYTHING there is to know about the operating systems in use?" That caused me to cringe when I realized that in this case America's enemies (I feel extremely confident that this is true), know more about the operating systems on U.S. network(s) than government officials, especially those with the weight to make something happen such as Congressmen.

It's time to ask hard questions about the pace of growth with the American network infrastructure. What do you do when things are unknowns and too complicated also? 100% simplify. Get away from Microsoft and Apple, quit doing favors and find the professionals who know how to write...not just code...design and code->those who know securability cannot be compromised.

Go to one operating system across all platforms that are not bound to something written specifically for the United States government. Clean up the peripheries and as the job is handled begin to look at your custom and high security systems and operating systems (from the BEGINNING).

The greatest defense installations we will ever build (all nations) and the greatest weapons platforms too have in common two things...usability (train soldiers efficiently on the platform or efficiently to man a particular post) but also simplicity in terms of addressing the intended purpose for the installation or platform. For a defense installation, build it big and use more concrete than some would say is required. Use->ENOUGH. Design it and equip it to handle its purpose...no questions asked.

Military cannot be throw away quick for profit equipment sales and building contracts. Only the presentation of strength will bring success to the mission statement of the military organization(s). Goverment networks should exist for simple use in support of the efforts of the various departments. However, a rat's nest is a rat's nest, and rats are one of the biggest threats to any nation. The U.S. government should put a stop to the fun and games approach the internet, starting with its own house. Get the best architects and require them to design it with a high enough degree of simplicity that any member of Congress can understand the security grid. After that, make sure that it is never tampered with->with the highest penalties. Then assist the states :)

The best programmers understand this language and expect it too...
 
Last edited:
  • Like
Reactions: SumTingWong