WASHINGTON, D.C.—Today, the U.S. Department of Energy (DOE) released new Supply Chain Cybersecurity Principles, developed in collaboration with Idaho National Laboratory. The principles establish best practices for cybersecurity throughout the supply chain that supports energy infrastructure. Developed for manufacturers and end users alike, the principles create a framework to strengthen key technologies used to manage and operate electricity, oil, and natural gas systems around the world. Several prominent suppliers and manufacturers serving the energy sector have expressed support for the principles, including GE Vernova, Schneider Electric, Hitachi Energy, Schweitzer Engineering Laboratories, Rockwell Automation, Siemens, Siemens Energy, and Honeywell.  

“As we build our clean energy future, it is critical that we incorporate strong cybersecurity protections,” said U.S. Deputy Secretary of Energy David M. Turk. “Together with our G7 allies, we’re helping ensure energy infrastructure worldwide is more reliable and resilient against tomorrow’s threats and challenges.”   

“The U.S. energy sector is a target for cyber criminals and for foreign adversaries, alike,” said Deputy National Security Advisor for Cyber and Emerging Technologies Anne Neuberger. “The Biden-Harris Administration is prioritizing the security and resilience of our critical energy infrastructure with this global initiative, emphasizing the importance of aligning individual supply chain security efforts for operational technology used in the energy sector.” 

The supply chain constitutes a significant source of risk for energy systems as components of the American grid, pipelines, and related infrastructure are developed and manufactured by disparate companies on a global scale. President Biden has made supply chain security an area of intense focus and called on agencies with responsibility for critical infrastructure to take meaningful steps to proactively address security concerns. 

Energy systems across the globe are going through a period of tremendous change as they become more digitized, integrate new sources of clean energy, and implement new communications pathways. A global approach to supply chain cybersecurity is imperative and can take the form of collaboration among leading manufacturers from like-minded countries such as Canada, France, Germany, Italy, and the U.K. A global effort can help secure equipment and technologies before they are exploited by cyber actors seeking to cause destruction or disruption to critical infrastructure.   

For more information, please see the White House statement from June 18, 2024.