U.S. NATIONAL RENEWABLE ENERGY LABORATORY
The Power Sector Cybersecurity Building Blocks are designed to help various stakeholders improve security for the electrical grid.
2021 · 53 pages

Abstract
Developed through the USAID-NREL Partnership and the Resilient Energy Platform, these building blocks are intended to guide organizations in developing a robust cybersecurity defense program. The effort stems from discussions with utilities worldwide and past cybersecurity assessments performed by NREL on dozens of utilities and government agencies, focusing on the cybersecurity challenges faced by small and under-resourced utilities. The building blocks are a guide to help organizations prioritize their cybersecurity efforts to thwart a wide range of potential cyberattacks. Each building block represents a cluster of related activities within cybersecurity on which an organization should focus. The building blocks are interconnected, with some feeding information to others and mutually supporting each other to facilitate a holistic approach to cybersecurity. The clusters of related activities defined by the Power Sector Cybersecurity Building Blocks span multiple stakeholders, including utilities and external organizations. The building blocks are designed to be useful for organizations in the early stages of cybersecurity maturity, as they are likely to struggle with the question of what a complete cyber program looks like. More "cyber mature" organizations can also use the building blocks to gain a fresh perspective on their efforts and fill in gaps in their existing cyber programs. The Power Sector Cybersecurity Building Blocks are not meant to be the final word on cybersecurity for the power sector, as this field is evolving rapidly with the introduction of new power grid technology and an ever-changing threat landscape. The building blocks are organized into eleven categories: Governance, Compliance, Risk Management, Organizational Security Policy, Laws, Regulations, and Standards, Procurement, Technical Controls, Incident Response, Cybersecurity Awareness Training, and Cyber Threat Intelligence. Each category represents a cluster of related activities within a balanced cybersecurity program and provides references and resources for each area. The building blocks are interconnected, with some feeding information to others and mutually supporting each other to facilitate a holistic approach to cybersecurity. The clusters of related activities defined by the Power Sector Cybersecurity Building Blocks span multiple stakeholders, including utilities and external organizations. Organizations in the early stages of cybersecurity maturity will likely get the most benefit from these building blocks, as they are likely to struggle with the question of what a complete cyber program looks like. More "cyber mature" organizations can also use the building blocks to gain a fresh perspective on their efforts and fill in gaps in their existing cyber programs.
Connected topics
Classification
USAID DEC