Witnesses from the Federal government, academia, and the private sector zeroed in on cyber threats facing the U.S. electric grid at a House Energy subcommittee hearing Thursday afternoon.
During the hearing–which largely centered around research and innovations in electric grid and energy technology–all of the witnesses stressed the importance of shoring up the U.S. electric grid, and its security.
“Anticipating and responding to the latest cyber threat is a ceaseless endeavor that requires dedicated resources and personnel,” said Bruce J. Walker, assistant secretary, Office of Electricity, and acting assistant secretary, Office of Cybersecurity, Energy Security, and Emergency Response, Department of Energy (DoE). “It is imperative to recognize today’s realities: resources are limited, and cyber threats continue to increase in frequency and sophistication. To gain the upper hand, disruptive changes in cyber risk management practices must be pursued.”
Walker’s private sector counterparts agreed with his assessment.
“This decade seems to have two major defining characteristics: the opportunity to use more low-cost wind, solar, batteries, and natural gas, and the growing threats from severe weather and cyber and physical attack,” said Robert E. Gramlich, president of Grid Strategies, during the hearing.
Joseph A. Heppert, vice president for research at Texas Tech University, testified that the danger of cyber threats targeting power grids is only growing.
“[T]here is a growing consensus that future conflicts among major military and economic adversaries may involve preliminary skirmishes in cyberspace, with grid infrastructure as a prime target,” he said. “Indeed, some recent cases provide indications that both state and non-state actors have already targeted and demonstrated an ability to threaten the grid.”
During his testimony, Walker laid out the DoE’s two-fold cyber strategy: 1) strengthen today’s energy delivery systems by working with agency partners to address growing threats and to promote continuous improvement, and 2) develop game-changing solutions that will create inherently secure, resilient, and self-defending energy systems.
Walker stressed the importance of public-private-academic partnerships for combatting cyber threats. He also highlighted the DoE’s historical role in funding “innovative research, development, and demonstration that cannot be economically justified in private-sector markets.”
One potential game-changing solution was offered up by John Sarrao, principal associate director, Science, Technology & Engineering Directorate, Los Alamos National Laboratory. He said that developing modeling software–to simulate potential cyber attacks–is key.
“Developing a cyber-physical impact and consequences modeling and simulation capability will enable stakeholders to assess the possible consequences of different types of cyberattacks on critical infrastructure and prioritize additional investments in both impact studies and research and development into cyber-physical systems modeling and simulation,” he said.
In addition to Federal research funding, Heppert testified that his university is investing heavily in research and development related to grid security.
“Over the next four years, we intend to invest a minimum of $8 million in research into cybersecurity and energy grid resiliency to enable the creation of a sustainable and diverse energy economy,” Heppert said. “We are confident this investment will help the nation attain its goals in energy security, traditional and alternative energy utilization, and a 21st-century energy grid.”