The Cybersecurity & Information Systems Information Analysis Center is seeking to identify and understand the existing U.S. Department of Defense (DoD) policies currently addressing cybersecurity requirements for third-party energy projects (e.g., energy savings performance contracts, utility energy service contracts, power purchase agreements, etc.).
Multiple services of the DoD are experiencing challenges with implementing and executing cybersecurity measures for utility monitoring and control systems and microgrids obtained through third-party-financed initiatives. Numerous gaps are often observed in applied security controls, dependency mapping, system documentation, configuration, hardening, policy, procedure, and contractual vulnerabilities.
If you are aware of any DoD policies or requirements for cybersecurity of third-party-funded energy projects, please fill out the form here or contact Olutoye Sekiteri (Olutoye.sekiteri.ctr@mail.mil), the lead IAC analyst for this effort. You can also join the discussion on the DoDTechipedia forum by clicking the “Join the Discussion” button below.