{"id":47744,"date":"2022-07-28T14:39:31","date_gmt":"2022-07-28T14:39:31","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/33674\/Inside-The-Energy-Departments-10-Year-Plan-To-Reshape-Cybersecurity-In-The-Sector.html"},"modified":"2022-07-28T14:39:31","modified_gmt":"2022-07-28T14:39:31","slug":"inside-the-energy-departments-10-year-plan-to-reshape-cybersecurity-in-the-sector","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/inside-the-energy-departments-10-year-plan-to-reshape-cybersecurity-in-the-sector\/","title":{"rendered":"Inside The Energy Department’s 10-Year Plan To Reshape Cybersecurity In The Sector"},"content":{"rendered":"
\n
U.S. Department of Energy with the American flag reflected in the windows. CESER and the Department of Energy are looking modernize cybersecurity throughout the energy sector by leveraging more than $60 billion of planned investments over the next decade. (Photo credit: Timothy Epple via Getty Images)<\/figcaption><\/figure>\n<\/div>\n

Everybody loves the idea of modernizing IT and cybersecurity. Few industries or sectors have the money, resources, patience or follow through<\/a> to carry it out in more than a piecemeal fashion<\/a>.<\/p>\n

Nowhere is that more true than in critical infrastructure and the energy sector, where the perpetual need to keep the lights and power running has locked the industry into insecure technologies and network architectures that were developed decades ago.<\/p>\n

Back in 2013, the Obama administration identified<\/a> the energy sector as \u201cuniquely critical due to the enabling functions they provide across all critical infrastructure sectors.\u201d Meanwhile, state-backed and criminal hacking groups have gotten better, faster and more emboldened<\/a> to target the networks and automated systems built on top<\/a> of that infrastructure. Incidents such as the Colonial Pipeline ransomware attack have reinforced longstanding fears in government that even individual hacks can cause widespread supply chain disruptions and shortages.<\/p>\n

Now, officials at the Department of Energy say they are looking to leverage billions of dollars in federal funding from the Bipartisan Infrastructure Law<\/a> passed last year in a bid to replace and reshape much of the underlying technologies and processes that underpin our national power system.<\/p>\n

\u201cAny time you\u2019re on the cusp of introducing new technology or on the cusp of significant spending [or] investing in infrastructure upgrades, that\u2019s the time where you really want to think strategically,\u201d Cheri Caddy, a senior advisor for cybersecurity policy and strategy at the Department of Energy, told SC Media in an interview. \u201cHow do I optimize my spending not just for efficiency\u2026but use that occasion, that strategic opportunity to think about building secure?\u201d<\/p>\n

Caddy and other Energy officials have described the infrastructure law as a \u201conce in a generation opportunity\u201d to overhaul and modernize large swaths of the energy sector\u2019s IT and cybersecurity. In order to do so, experts say the department and its cyber wing CESER (the Office of Cybersecurity, Energy Security and Emergency Response) will need to navigate a complex and competitive funding environment to ensure that states, local governments, private companies and utilities are following through on the strategy.<\/p>\n

Cybersecurity competing with clean energy<\/h2>\n

Much of the public discussion from the White House and Congress around energy investments in the Bipartisan Infrastructure Law has been focused not around cybersecurity or IT but rather clean energy, developing technologies with greater energy efficiency and reducing the carbon footprint of a sector that the United Nations has classified<\/a> as the largest contributor to greenhouse gas emissions in the world.<\/p>\n

In January, President Joe Biden touted<\/a> the benefits of the law to the energy sector, mentioning renewable energy labs in Colorado, new and upgraded power transmission lines and towers and wind energy. In February, he gave a speech<\/a> in Ohio touting the law and how it \u201chelps us invest in a cleaner, stronger, more resilient electric grid, with 100% clean electric energy being generated by the year 2035.\u201d Neither speech made mention of technology or cybersecurity upgrades.<\/p>\n

But the ground-level guidance the administration developed for state and local governments makes it clear that the White House sees billions of dollars in federal funding from the law that can be unlocked to make cybersecurity-specific upgrades to energy infrastructure.<\/p>\n

According to a guidebook<\/a> the administration released in January, the law sets aside at least $1.3 billion to fund cybersecurity resilience measures. It also includes $1 billion for state and local cybersecurity grants, $250 million for energy sector cyber research and development, $250 million for rural and municipal utility cyber and technical assistance, $100 million for a cyber response and recovery fund overseen by the Department of Homeland Security, and $50 million for energy sector cyber resilience support.<\/p>\n

Beyond that, scores of individual project descriptions include specific language that allows the federal government or downstream recipients to use money allocated to grant funding for industrial research, port development and others for cybersecurity related purposes.<\/p>\n

The spending on cybersecurity \u201cis spread across multiple programs to strengthen cyber systems and defense against future attacks, including funding for State, Local, Tribal, and Territorial grants for the Federal Emergency Management Agency, cyber response and recovery, and Research & Development in cyber,\u201d the guidebook states.<\/p>\n

\u201cWe\u2019re really looking to [ask] as we\u2019re beginning to move all that infrastructure money and execute on it: how do we infuse security into those discussions?\u201d said Caddy. \u201cSo, it\u2019s less a specific technology or specific project that\u2019s being advocated here but more how do we look across the board as we\u2019re making investments across the department \u2014 at putting more renewables in place, at decarbonizing the grid, and updating outdated infrastructure. For any particular project that\u2019s doing those things, let\u2019s also put cybersecurity into the mix, into the qualifications, so we\u2019re pursuing those multiple goals at once.\u201d <\/p>\n

Cybersecurity mistakes decades in the making<\/h2>\n

The status quo has been decades in the making, the product of multiple factors, including the energy sector\u2019s historical prioritization on reliability and physical safety over cybersecurity, a lack of human expertise and the increased reliance on newer automated technologies that have opened up new attack surfaces within energy utilities for malicious hackers to exploit.<\/p>\n

Malware designed to attack the machinery and networking that help to run modern essential services is still rare, but that\u2019s starting to change. One of the latest examples happened in April, when cybersecurity firms Dragos and Mandiant announced they had discovered what is believed to be just the seventh piece of ICS-specific malware found in the wild, dubbed<\/a> PIPEDREAM.<\/p>\n

While there was no evidence the tool was deployed before it was discovered, researchers said it targeted programmable logic controllers made by Schneider Electric and Omron, was capable of disrupting, degrading or even destroying data and leveraged vulnerabilities that are inherent in many other commercial controllers. Mandiant compared it to some of the most dangerous malware known to target industrial control systems, such as Triton, Industroyer and Stuxnet.<\/p>\n

Michael Dransfield, a senior technical executive for control systems cybersecurity at the NSA, said earlier this month that his agency is \u201cseeing more and more capabilities that are available either open source or being developed by our adversaries\u201d specifically designed to target critical infrastructure and industrial control systems.<\/p>\n

That\u2019s in part because energy utilities, like other sectors<\/a>, are facing a shortage of workers who understand both cybersecurity and the technical and business realities of operating critical infrastructure. While modernization of the underlying technology is one component of the plan for safer energy, any effective strategy for creating more secure electrical grids and other energy assets will need to account for the lack of human expertise that is increasingly being replaced with digital, remote systems.<\/p>\n

\u201cBack in 2003, you had operators who really didn\u2019t understand the cybersecurity problem and you had cybersecurity individuals who really worked in the IT world, but did not really understand what operational technology or control systems were,\u201d said Dransfield. \u201cWe\u2019ve made progress bringing those two groups together [but] the problem is a lot of the \u2026 seasoned veterans who work in the operational technology world have retired, and so within the U.S. we have begun to rely more and more on automated control systems.\u201d<\/p>\n

Building security-native technologies and processes to better protect those systems is essential and need not conflict with broader goals around climate.<\/p>\n

According to CESER Director Puesh Kumar, the plan is to ensure that as states and energy companies go about replacing their equipment, machinery and operational technology with more climate-friendly alternatives, they are also working to undo some of the early design mistakes that have plagued industry cybersecurity for decades. The department \u201cis going to be investing over $62 billion over the next five- to 10 years in the U.S. energy sector and specifically the electric grid, and so this is the time to do it.\u201d<\/p>\n

\u201cFrom my vantage point, we honestly have a strategic opportunity like we\u2019ve never had before. We\u2019re seeing this revolution of particularly clean energy systems that are going to be coming online and we have an opportunity to actually build in cybersecurity rather than trying to bolt it on that we\u2019ve done in so many other sectors, including the energy sector, for too long,\u201d said Kumar in July during an online event hosted by Nozomi Networks.<\/p>\n

Navigating the bureaucratic maze<\/h2>\n

With cybersecurity, the best laid plans set out by any government or industry are largely dependent on the ability to wrangle and persuade other stakeholders.<\/p>\n

Governments can regulate but don\u2019t own most of the infrastructure or make any of the underlying technologies. Private industry can innovate and has the money, but has historically lacked the financial incentives to do so. Utilities often lack access to cybersecurity-specific funding and have a duty to keep operations running that complicate any widespread modernization plans.<\/p>\n

Trevor Rudolph, vice president for global digital public policy at Schneider Electric, told SC Media that while federal dollars can help with some of the biggest challenges to energy modernization, they wouldn’t address other core issues \u2014 like service continuity \u2014 that are often the biggest roadblocks to modernization at scale.<\/p>\n

\u201cA lot of the systems and infrastructure that Energy is talking about, there is zero tolerance for downtime. Utilities are having to deal with the challenge where, yes, they want to upgrade, yes they want to replace certain systems but they can\u2019t afford even a second of downtime with their existing infrastructure,\u201d said Rudolph, who also worked as chief of the cyber and national security unit at the Office of Management and Budget.<\/p>\n

Then there is the question of follow through. Rudolph said the process of getting that funding down to different stakeholders in the energy industry and used for cybersecurity specific investments is \u201cmore complicated\u201d than anything he experienced while in government. Energy\u2019s statutory authority to tell owners and operators what to do when prioritizing upgrades is \u201ctenuous at best.\u201d The money from the infrastructure law will flow down to states, local governments, utilities, and other stakeholders, often in the form of grant funding that can be spent in a variety of different ways. That means that in some cases, those entities must voluntarily follow through on the federal government\u2019s plans.<\/p>\n

 There is already evidence of a split between Democrats and Republicans over how much control the White House and executive branch can wield over the money that will be spent by states and utilities.<\/p>\n

In February, Senate Majority Leader Mitch McConnell, R-Ky., and Sen. Shelley Moore Capito, R-W.Va., sent a letter<\/a> to governors around the country urging them to ignore the Biden administration\u2019s guidance on how to utilize funding from the infrastructure law on road and highway investments, saying a December 2021 memorandum<\/a> from the Federal Highway Administration outlining how states should allocate spending \u201cattempts to implement a wish list of policies not reflected\u201d in the law.<\/p>\n

Congress wrote the law to give states and localities ample flexibility to spend those dollars how they see fit and the senators stressed that guidance from the executive branch is not legally binding unless it\u2019s backed up in the letter of the law. The administration\u2019s guidance \u201cis an internal document, has no effect of law, and states should treat it as such,\u201d McConnell and Capito wrote<\/a>.<\/p>\n

One area where that flexibility could ultimately benefit cybersecurity is around the \u201cBuy America\u201d provisions in the law.<\/p>\n

Heath Knakmuhs, vice president and policy counsel of the Global Energy Institute at the U.S. Chamber of Commerce, noted that money allocated to buy and install new climate-friendly parts and components within energy infrastructure may conflict with the law\u2019s requirements that utilities buy domestically manufactured products. There is also still considerable uncertainty about how the administration intends to issue waivers that allow companies and utilities to bypass those rules. The Chamber and 11 other organizations have submitted at least 46 questions to OMB regarding how the \u201cBuy America\u201d provisions will be implemented.<\/p>\n

With the way climate supply chains are set up, it may conflict with the law\u2019s broader Buy America rules, said Knakmuhs in an interview. If that money can\u2019t be used for climate, it may wind up going to other priorities including cybersecurity.<\/p>\n

\u201cBecause a lot of those components that are necessary for solar and inverters and even in wind turbine technology and critical minerals \u2026 required for batteries and other modern technologies are all from overseas for the most part,\u201d he said. \u201cThe Buy American guidance in that is probably the most impactful tool on the cyber side quite honestly. It is going to depend on how they interpret it, where do they like to grant waivers, where do they like not to grant waivers.\u201d<\/p>\n

The project is expected to take a decade if not more, but officials at Energy believe it represents a singular chance to shore up the resilience of one of the most vital sectors in American society. Climate and green energy still appear to be the clear spending priorities for the administration, but officials at CESER say there is no reason that the sector can\u2019t take advantage of the law to solve some of its other most enduring problems at the same time.<\/p>\n

\u201cYou have a lot of these trends coming together to make this an optimal point in time, and now of course with the infrastructure bill we\u2019re beginning to make those investments,\u201d said Caddy. “So [the question is] how do we use the occasion of having a once-in-a-generation opportunity to invest, to get more efficient from an economic standpoint, but also efficient from renewables and green technology standpoint, and also build secure? We can do all of these things together.\u201d<\/p>\n

READ MORE HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

READ MORE HERE…<\/p>\n","protected":false},"author":2,"featured_media":47745,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[60],"tags":[6978],"class_list":["post-47744","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-packet-storm","tag-headlinegovernmentusaflaw"],"yoast_head":"\nInside The Energy Department's 10-Year Plan To Reshape Cybersecurity In The Sector 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/inside-the-energy-departments-10-year-plan-to-reshape-cybersecurity-in-the-sector\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Inside The Energy Department's 10-Year Plan To Reshape Cybersecurity In The Sector 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/inside-the-energy-departments-10-year-plan-to-reshape-cybersecurity-in-the-sector\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2022-07-28T14:39:31+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/cdn.scmagazine.com\/wp-content\/uploads\/2022\/07\/Energy-Department-building-1024x576.jpg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"12 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/inside-the-energy-departments-10-year-plan-to-reshape-cybersecurity-in-the-sector\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/inside-the-energy-departments-10-year-plan-to-reshape-cybersecurity-in-the-sector\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Inside The Energy Department’s 10-Year Plan To Reshape Cybersecurity In The Sector\",\"datePublished\":\"2022-07-28T14:39:31+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/inside-the-energy-departments-10-year-plan-to-reshape-cybersecurity-in-the-sector\\\/\"},\"wordCount\":2337,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/inside-the-energy-departments-10-year-plan-to-reshape-cybersecurity-in-the-sector\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/07\\\/inside-the-energy-departments-10-year-plan-to-reshape-cybersecurity-in-the-sector.jpg\",\"keywords\":[\"headline,government,usa,flaw\"],\"articleSection\":[\"Packet Storm\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/inside-the-energy-departments-10-year-plan-to-reshape-cybersecurity-in-the-sector\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/inside-the-energy-departments-10-year-plan-to-reshape-cybersecurity-in-the-sector\\\/\",\"name\":\"Inside The Energy Department's 10-Year Plan To Reshape Cybersecurity In The Sector 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/inside-the-energy-departments-10-year-plan-to-reshape-cybersecurity-in-the-sector\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/inside-the-energy-departments-10-year-plan-to-reshape-cybersecurity-in-the-sector\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/07\\\/inside-the-energy-departments-10-year-plan-to-reshape-cybersecurity-in-the-sector.jpg\",\"datePublished\":\"2022-07-28T14:39:31+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/inside-the-energy-departments-10-year-plan-to-reshape-cybersecurity-in-the-sector\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/inside-the-energy-departments-10-year-plan-to-reshape-cybersecurity-in-the-sector\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/inside-the-energy-departments-10-year-plan-to-reshape-cybersecurity-in-the-sector\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/07\\\/inside-the-energy-departments-10-year-plan-to-reshape-cybersecurity-in-the-sector.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/07\\\/inside-the-energy-departments-10-year-plan-to-reshape-cybersecurity-in-the-sector.jpg\",\"width\":1024,\"height\":576},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/inside-the-energy-departments-10-year-plan-to-reshape-cybersecurity-in-the-sector\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,government,usa,flaw\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinegovernmentusaflaw\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Inside The Energy Department’s 10-Year Plan To Reshape Cybersecurity In The Sector\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Inside The Energy Department's 10-Year Plan To Reshape Cybersecurity In The Sector 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/inside-the-energy-departments-10-year-plan-to-reshape-cybersecurity-in-the-sector\/","og_locale":"en_US","og_type":"article","og_title":"Inside The Energy Department's 10-Year Plan To Reshape Cybersecurity In The Sector 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/inside-the-energy-departments-10-year-plan-to-reshape-cybersecurity-in-the-sector\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2022-07-28T14:39:31+00:00","og_image":[{"url":"https:\/\/cdn.scmagazine.com\/wp-content\/uploads\/2022\/07\/Energy-Department-building-1024x576.jpg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"12 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/inside-the-energy-departments-10-year-plan-to-reshape-cybersecurity-in-the-sector\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/inside-the-energy-departments-10-year-plan-to-reshape-cybersecurity-in-the-sector\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Inside The Energy Department’s 10-Year Plan To Reshape Cybersecurity In The Sector","datePublished":"2022-07-28T14:39:31+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/inside-the-energy-departments-10-year-plan-to-reshape-cybersecurity-in-the-sector\/"},"wordCount":2337,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/inside-the-energy-departments-10-year-plan-to-reshape-cybersecurity-in-the-sector\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/07\/inside-the-energy-departments-10-year-plan-to-reshape-cybersecurity-in-the-sector.jpg","keywords":["headline,government,usa,flaw"],"articleSection":["Packet Storm"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/inside-the-energy-departments-10-year-plan-to-reshape-cybersecurity-in-the-sector\/","url":"https:\/\/www.threatshub.org\/blog\/inside-the-energy-departments-10-year-plan-to-reshape-cybersecurity-in-the-sector\/","name":"Inside The Energy Department's 10-Year Plan To Reshape Cybersecurity In The Sector 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/inside-the-energy-departments-10-year-plan-to-reshape-cybersecurity-in-the-sector\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/inside-the-energy-departments-10-year-plan-to-reshape-cybersecurity-in-the-sector\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/07\/inside-the-energy-departments-10-year-plan-to-reshape-cybersecurity-in-the-sector.jpg","datePublished":"2022-07-28T14:39:31+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/inside-the-energy-departments-10-year-plan-to-reshape-cybersecurity-in-the-sector\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/inside-the-energy-departments-10-year-plan-to-reshape-cybersecurity-in-the-sector\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/inside-the-energy-departments-10-year-plan-to-reshape-cybersecurity-in-the-sector\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/07\/inside-the-energy-departments-10-year-plan-to-reshape-cybersecurity-in-the-sector.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/07\/inside-the-energy-departments-10-year-plan-to-reshape-cybersecurity-in-the-sector.jpg","width":1024,"height":576},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/inside-the-energy-departments-10-year-plan-to-reshape-cybersecurity-in-the-sector\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,government,usa,flaw","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinegovernmentusaflaw\/"},{"@type":"ListItem","position":3,"name":"Inside The Energy Department’s 10-Year Plan To Reshape Cybersecurity In The Sector"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/47744","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=47744"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/47744\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/47745"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=47744"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=47744"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=47744"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}