U.S. NATIONAL RENEWABLE ENERGY LABORATORY
The Power Sector Cybersecurity Building Blocks are designed to help various stakeholders improve security for the electrical grid.
2021 · 2 pages

Abstract
Developed through the USAID-NREL Partnership and the Resilient Energy Platform, these building blocks are a guide to help organizations develop a robust cybersecurity defense program. The 11 building blocks represent clusters of related activities within cybersecurity on which an organization should focus. The building blocks are designed to help organizations prioritize their cybersecurity efforts to best thwart a wide range of potential cyberattacks. Each building block discusses a particular element of a well-rounded cybersecurity framework. Governance is the process that directs a utility-wide cybersecurity effort and provides accountability for that effort. Organizational Security Policy focuses on the high-level document that captures the essential elements of a utility's efforts in cybersecurity. Risk Management involves activities that identify and evaluate cybersecurity risk, with the goal of reducing that risk to a level appropriate to the utility's business objectives. Cyber Threat Intelligence involves understanding the threat landscape and taking action to mitigate cyber risks. Laws, Regulations, and Standards are compulsory host country directives that a utility must comply with regarding cybersecurity. Compliance is the effort within a utility to remain in compliance with laws, regulations, and standards. Procurement involves the processes used to monitor and improve the cybersecurity of devices, applications, and services as they are acquired and integrated into utility operations. Technical Controls include hardware and software components that protect a system against cyberattack. Incident Response involves the actions taken by a utility to prepare for cyberattacks, including creating plans for response, rehearsing the response prior to an attack, continuous monitoring to identify attacks, and the actual response. Cybersecurity Awareness Training involves educating all employees about potential cyber threats and their roles in preventing them. Workforce Development involves efforts to ensure an adequate supply of workers with specialized cybersecurity knowledge and skills. The Power Sector Cybersecurity Building Blocks are designed to address the challenges faced by small and under-resourced utilities. Many organizations struggle to create a cybersecurity program that is balanced across all areas required to protect their assets from attack. The building blocks define clusters of related activities within a balanced cybersecurity program and provide references and resources for each area. The clusters of related activities defined by the Power Sector Cybersecurity Building Blocks span multiple stakeholders, including utilities and external organizations. Organizations in the early stages of cybersecurity maturity will likely benefit the most from these building blocks, as they are likely to struggle with the question of what a complete cyber program looks like. More "cyber mature" organizations can also use the building blocks to gain a fresh perspective on their efforts and fill in gaps in their existing cyber programs. The Power Sector Cybersecurity Building Blocks are not meant to be the final word on cybersecurity for the power sector, as this field is evolving rapidly with the introduction of new power grid technology and an ever-changing threat landscape.
Connected topics
Classification