Strengthening Manufacturing Cybersecurity
The DOE’s principles outline 10 best cybersecurity practices for suppliers and another 10 for consumers. These practices emphasize risk management, transparency, operational resilience, and proactive incident response. They have been collaboratively developed with input from energy automation and industrial control system manufacturers, as well as cybersecurity research from the Idaho National Laboratory.
For suppliers, the guidelines stress the importance of maintaining vulnerability management processes following industry best practices and providing ongoing product support, including security patches and mitigations throughout a transaction’s lifecycle. On the other hand, for end users, the emphasis is on contractual language that influences security outcomes, as well as collaborating with suppliers to integrate appropriate cybersecurity controls and platforms.
The release of this framework comes at a time when the threat of cyberattacks against the energy sector, from both foreign and domestic actors, continues to grow. The U.S. isn’t alone in its efforts to bolster manufacturing cybersecurity, as discussions on this issue took place at the G7 Summit in Italy, where commitments were made to improve cybersecurity resilience in key sectors and supply chain security.
The urgency of this guidance is underscored by the escalating cyber threat to U.S. critical manufacturing. FBI data revealed that the manufacturing sector experienced the second highest number of cyberattacks among U.S. industries last year, with almost half of global critical manufacturers at risk of a cyberattack.
In response to this heightened risk, the Biden administration has displayed an increased commitment to fortifying U.S. manufacturing and supply chain security. This includes the creation of the White House Council on Supply Chain Resilience and various initiatives to improve cybersecurity in the energy sector.
The DOE’s focus on cybersecurity isn’t new. In recent months, it has been collaborating with energy distributors to enhance cybersecurity, and in January, the department allocated $30 million in funding for research projects aimed at improving the cybersecurity of clean energy resources.
The release of these best practices serves as a clear signal to the manufacturing and supply chain industry about the imperative to prioritize cybersecurity. As companies continue to navigate the complexities of digital transformation and interconnected supply chains, incorporating these cybersecurity best practices will be essential for resilience and continuity.
In conclusion, the DOE’s cybersecurity framework for clean energy cyber supply chains stands as a significant milestone in fortifying the resilience of manufacturing and supply chain operations. By embracing these best practices and aligning with the evolving cybersecurity landscape, businesses can proactively safeguard their operations from cyber threats and contribute to the overall security and stability of the industry.
Source: https://www.supplychaindive.com/news/energy-department-cybersecurity-manufacturing-supply-chain-best-practices/719605/
ITAR Course
Gain insight into key compliance principles, understand the impact on international business, and ensure your products meet ITAR requirements. Don’t let fines and penalties hinder your success β empower yourself with the knowledge to navigate ITAR regulations confidently and drive your business forward.
