The Advanced Energy Economy Institute (AEE Institute) has released a new report identifying key challenges, best practices, and strategies for consideration by state and federal policymakers and regulators, as well as utilities and technology providers, to keep the evolving energy system safe from cyberattacks.
According to the report, cybersecurity is a growing issue for the U.S. economy, especially for the critical infrastructure that keeps the nation’s energy system operating — not just the electricity grid, but the highly interconnected and interdependent natural gas, water, communications, and fuel distribution systems.
The paper, “Cybersecurity in a Distributed Energy Future: Addressing the Challenges and Protecting the Grid from a Cyberattack,” focuses on the highly dynamic electricity sector, which is moving toward more distributed energy resources, and on the opportunities and challenges created by the widespread introduction of advanced and intelligent energy technologies.
“As we transition to more advanced and intelligent technologies that improve our energy system and benefit customers, we must take into account and prepare for new vulnerabilities to the security of our nation’s energy infrastructure,” says Lisa Frantzis, senior vice president for the 21st Century Electricity System at national business group Advanced Energy Economy (AEE), an affiliate of AEE Institute. “This paper sets out to assess the current landscape, articulate specific areas that need additional support, and make clear recommendations on how to improve the security of our electric power system.”
“AEE Institute’s paper is an important – and highly practical – contribution to countering cybersecurity threats in the planning, design, and operation of power generation and electricity grids in an increasingly distributed energy world, not just in the U.S., but globally,” says Chris King, chief policy officer of Digital Grid at Siemens.
“Recent events demonstrate that the level of cyber threats is increasing and targeting a broader range of assets, including advanced distributed energy technologies and smart grid applications. Through this paper, AEE has advanced the dialog between industry and regulators to collaboratively promote the next generation of advanced energy technology solutions that are cyber-secure,” adds Kenneth Lotterhos, managing director of energy at Navigant Consulting.
Intended to inform decision-makers about ways to make a power grid characterized by abundant advanced energy technologies secure against cyberattack, the paper highlights the following:
- Cybersecurity threats to the economy and to the energy sector;
- Eight cybersecurity best practices for a distributed, intelligent grid;
- Policy and regulatory frameworks on cybersecurity that are in place at the national level and in some states;
- Seven specific protective measures and protocols for grid operators; and
- Six overall recommendations to encourage adoption of best practices.
Included is a review of current regulations, standards, and guidelines, including the North American Electric Reliability Corp.’s (NERC) Critical Infrastructure Protection; the U.S. Department of Commerce National Institute of Standards and Technology (NIST) Framework for Improving Critical Infrastructure Cybersecurity; the Electric Power Research Institute’s (EPRI) National Electric Sector Cybersecurity Organization Resource; and the North American Energy Standards Board (NAESB), among other national and international organizations.
The whitepaper was a collaborative effort, with contributions from experts at AEE, BRIDGE Energy Group, Converge Strategies LLC, Direct Energy (Centrica), EnergyHub, Enphase Energy, Ingersoll Rand, Landis+Gyr, Navigant Consulting, Oracle Utilities, Schneider Electric, and Siemens. AEE Institute also consulted with utility experts who participate on AEE’s Utility Advisory Committee.
The full report is available for downoad here.