In collaboration with the White House, the Department of Homeland Security (DHS) and electric company senior executives, the Department of Energy (DOE) formally launched a new initiative to develop a more comprehensive and consistent approach to protecting the nation's electric grid. Called the Electric Sector Cybersecurity Risk Management Maturity Project, DOE is seeking to leverage private industry and public sector expertise to develop an adaptable and scaleable model for measuring current capabilities and analyzing gaps in cyber defenses. The model will be based on a cybersecurity risk management process guideline developed with public and industry input and finalized in October 2011.

In a statement accompanying the project launch, White House Cyber Security Coordinator Howard Schmidt commented, "This effort will be focused on performance-based strategies and concrete steps to measure progress of cyber security in the electric sector. It is important to understand the sector's strengths and remaining gaps across the grid to inform investment planning and research and development, and enhance our public-private partnership efforts."

A series of workshops with industry representatives is planned for the next several months to draft the maturity model. A pilot program to test the model's effectiveness and validate results is planned for late spring/early summer with about a dozen electric utilities and grid operators participating. Based on the results of the pilot program, a final risk management maturity model is expected to be made available to the entire electric sector late summer. Read more »