US Energy Department creates cybersecurity council

Energy Secretary Ernest Moniz, who is three weeks into his tenure, told the House Energy and Commerce Committee that the council includes representation from the department’s electricity office, the intelligence division, the office of the CIO and the NNSA. By making the council comprehensive across department branches, he said he hopes to create a holistic view of the nation’s mission-critical electric grid, nuclear stockpiles and oil and gas facilities.

“What we are trying to do is to make sure that we bring all these assets together to look at everything from grid reliability and resilience to, frankly, protecting our own national security secrets,” Moniz said, in prepared testimony reported by the Hill.

“I look forward to building councils of advisers that will provide enterprise-wide advice and analysis on issues ranging from cybersecurity to the management of the National Labs,” Moniz said.

Vulnerabilities in IT systems that underpin critical infrastructure like the energy grid, water supply facilities, oil and gas systems and transportation have skyrocketed 600% since 2010, NSS Labs reported in February, the same month that President Obama issued an executive order aimed at increasing private-public information-sharing to combat threats to critical infrastructure.

Since then, the government continues to address the issue, with the US General Services Administration (GSA) recently issuing a request for information (RFI) calling for input on ways to make the federal government's cybersecurity more resilient.

Also, a pair of bills are making their way through Congress to provide legislative remedies, for instance. The Senate has introduced the Deter Cyber Theft Act, which would require the Director of National Intelligence to compile an annual report on foreign economic and industrial espionage, including a priority watch list of the worst offenders. The legislation would also require the president to block import of products containing stolen US technology.

Meanwhile, the Cyber Economic Espionage Accountability Act will look to root out individual foreign hackers instead of companies, will make their names public and will deport the offenders and their families.

What’s hot on Infosecurity Magazine?