Preparedness, and Response Solutions April 2019 OFFICIAL USE ONLY - - PowerPoint PPT Presentation

▶

Nov 22, 2023 173 likes •280 views

Office of Cybersecurity, Energy Security and Emergency Response NASEO 2019 Southeast Regional Meeting Energy Security Roundtable: Comparing and Sharing Emerging Planning, Preparedness, and Response Solutions April 2019 OFFICIAL USE ONLY

SLIDE 1

Office of Cybersecurity, Energy Security and Emergency Response OFFICIAL USE ONLY

NASEO 2019 Southeast Regional Meeting Energy Security Roundtable: Comparing and Sharing Emerging Planning, Preparedness, and Response Solutions

April 2019

SLIDE 2

OFFICIAL USE ONLY

Cyber Threats and National Cyber Strategy

“China has the ability to launch cyber attacks that cause localized, temporary disruptive effects on critical infrastructure—such as disruption of a natural gas pipeline for days to weeks—in the United States.” “Russia has the ability to execute cyber attacks in the United States that generate localized, temporary disruptive effects on critical infrastructure—such as disrupting an electrical distribution network for at least a few hours— similar to those demonstrated in Ukraine in 2015 and 2016.” “Federal departments and agencies, in cooperation with state, local, tribal, and territorial government entities, play a critical role in detecting, preventing, disrupting, and investigating cyber threats to our Nation.”

SLIDE 3

OFFICIAL USE ONLY

DOE’s Sector Specific Agency (SSA) Authorities

FAST Act (2015)

Codified DOE’s SSA Role

PPD-41 –Federal Government’s response to any cyber incident involving government or private sector entities PPD-21 –Establishes a shared responsibility among the Federal government, SLTT entities, and public and private owners and

perators for CI security and resilience

U.S. Department of Energy (DOE) Office of CESER Infrastructure Security and Energy Restoration (ISER) Division Emergency Support Function #12 – Energy Oil and Natural Gas Subsector Coordinating Council (ONG SCC) Electricity Subsector Coordinating Council (ESCC) State, Local, Tribal, and Territorial Governments (SLTT) Energy Government Coordinating Council (EGCC)

SLIDE 4

OFFICIAL USE ONLY

CESER Collaboration Across the Energy Sector

State, Local, Tribal and Territorial (SLTT) Program

Tom Fanning, Southern

Company

Kevin Wailes, Lincoln Electric
Duane Highley, Tri-State

2019 Leadership

APPA, Canadian Electricity

Association, EEI, EPRI, EPSA, NIAC, NRECA, NERC, ISO/RTO Council

Steering Committee

Vision and Planning
Threat Information Sharing
Industry-Government

Coordination

Research & Development
Cross-Sector Liaisons

Working Groups

Tamara Lance, Atmos Energy
Jillian Sulley, Devon Energy

2019 Leadership

AXPC, AFPM, AGA, API, APGA, AOPL,

ESC, GPA, IPAA, IADC, ILTA, INGAA, NACS, NOIA, NPGA, OMSA, OOC, PMAA, SIGMA, TXOGA, and USOGA

Owner and Operator Trade Associations

Canadian Association of Petroleum

Producers

Canadian Energy Pipeline Association

Associate Member Trade Associations

SLIDE 5

OFFICIAL USE ONLY

CATTTM2.0

IT and OT compatible framework for situational awareness and actionable analytics collaboration

CRISP

DOE developed tool for NERC E-ISAC IT infrastructure situational awareness

+30

DOE funded expansion of CRISP

ONG Pilot

DOE funded tool development for Oil and Natural Gas situational awareness

CyOTETM Pilot

Two-way data sharing and analysis within the OT environment

Energy Sector Company/ Vendor Sensors

Oil & Natural Gas ISAC Downstream Natural Gas ISAC Electricity ISAC

Cyber Analytics Techniques and Tools (CATT™) 2.0 Concept

Energy Sector

SLIDE 6

OFFICIAL USE ONLY

State Energy Security Preparedness and Response

Regional Cybersecurity Training
Viking Shadow Workshop 2018
Petroleum Shortage Workshop 2019
USVI Preparedness Workshop

State Energy Security Planning and Strategies NASEO Energy Security Accelerator Energy Security Online Training (under development)

NARUC Cyber Manual Toolkit
NASEO Guidance for States on Petroleum

Shortage Response Planning

NCSL Hardening the Grid Report
LBNL Cybersecurity Cost-Recovery
EEAC Calls and Emails
Incident Calls
Situational Awareness (EAGLE-I)
DOE Situation Reports

Support for Response Effort Reports and Tools Workshops and Exercises Technical Assistance

SLIDE 7

OFFICIAL USE ONLY

Exercises and Workforce Development and Training

Liberty Eclipse Clear Path Cyber Strike Cyber Force

SLIDE 8

OFFICIAL USE ONLY

Options for States

Clarify state agency roles and responsibilities for cybersecurity
Meet with the State Homeland Security Advisor
Consider cybersecurity in all-hazard energy security planning
Protect critical energy infrastructure data and information by working

with the state information security officer

Collaborate with public utility commissioners to explore the adoption and

deployment of new technologies or processes

Participate in cyber response exercises
Leverage the National Guard

SLIDE 9

OFFICIAL USE ONLY

State Energy Offices Checklist

▪ Emergency Response Planning Functions

✓ Update the Energy Assurance Plan regularly (and share with ISERnet) ✓ Understand state roles’ and responsibilities prior, during, and after an energy emergency response ✓ Know the federal role and federal support that is available to states

▪ Emergency Response Logistics

✓ Check EAGLE-I Login Information: https://eagle-i.doe.gov/login ✓ Check Energy Emergency Assurance Coordinator (EEAC) contact information in ISERnet: https://www.oe.netl.doe.gov/ISERNET/login.aspx ✓ Consult the Energy Waiver Library: https://www.energy.gov/ceser/energy-waiver-library ✓ Track DOE Situation Reports during a major disruption: https://energy.gov/ceser ✓ Know your DOE Regional Coordinator: See map and email energyresponsecenter@hq.doe.gov for contact information.

SLIDE 10

OFFICIAL USE ONLY

CESER Contact Information

Kate Marks Sector Engagement Kate.Marks@hq.doe.gov 202-586-9842 Kirsten Verclas Fellow Kirsten.Verclas@hq.doe.gov 202-586-0162