Office of Cybersecurity, Energy Security, and Emergency Response (2020 Presidential transition)

Book 3 - Organization Overview
Entire 2020 DOE Transition book As of October 2020

The Office of Cybersecurity, Energy Security, and Emergency Response (CESER) is the Department’s lead to engage with the energy sector. CESER leads all policy discussion with the private sector to support the Department’s agenda. Additionally CESER is the lead for the National Security Council NSPM-4 policy process on cyber issues. Finally, CESER maintains the Emergency Support Functions under the National Response Framework supported by the Federal Emergency Management Agency (FEMA).

Mission Statement

The mission of the Office of Cybersecurity, Energy Security, and Emergency Response (CESER) is to improve the security of the United States energy infrastructure against all hazards via Cybersecurity; Infrastructure Security & Energy Restoration; and Innovation, Research & Development.

Budget

Fiscal Year	Budget
FY 2019 enacted	$120,000,000
FY 2020 enacted	$156,000,000
FY 2021 requested	$184,621,000

Human Resources

FY 2020 authorized full-time equivalents (FTEs): 27

History

In recognition of the increasing importance of cybersecurity for the energy sector, DOE created the Office of Cybersecurity Energy Security and Emergency Response (CESER) in 2018. The creation of CESER fulfilled a dual purpose: to work with industry to increase cybersecurity and physical security protections across multiple energy subsectors and interdependent sectors of critical infrastructure; and to coordinate emergency support function response for the energy sector. CESER was spawned from the Office of Electricity (OE) by divesting the legacy OE research and development, and infrastructure security and energy restoration divisions. Since this divesture, CESER is growing to address the entire energy sector, not just electricity concerns.

Functions

Cybersecurity

This division seeks to mitigate the risk of energy disruption from cyber incidents and other emerging technological threats within the energy environment. We strategically coordinate the Department of Energy’s efforts to improve discovery, protection, prevention, and mitigation of cyber threats and vulnerabilities that disrupt, degrade, or threaten the U.S. energy sector critical infrastructure and operations. Focus areas include DOE Primary Mission Essential Function #3, Emergency Support Function #12, Defense Critical Energy Infrastructure, and Executive Order 13920 implementation.

Infrastructure Security & Energy Restoration (ISER)

The ISER division leads DOE’s emergency preparedness and coordinated response and recovery to avoid disruptions to the energy sector caused by physical and cyber-attacks, natural disasters, and man-made events. Additionally, they assist efforts to reduce the impact of disruptive events and respond to and facilitate recovery from energy disruptions in collaboration with industry, the Department of Homeland Security, and other Federal, State, local, tribal, and territorial governments

Innovation, Research & Development (IRD)

The IRD division manages an Innovation and R&D program designed to assist energy sector and DOE asset owners by developing cybersecurity, energy security, and emergency response solutions for energy infrastructure systems in collaboration with the National Laboratories, and other Federal government, industry, and academic organizations

Corporate Business Office (CBO)

The CBO handles all project management, budgeting, and human resources functions. This office serves as the back office for all other divisions and facilitates our engagements with Congress and the Office of Management and Budget.

Recent Organization Accomplishments

CESER manages DOE’s premier cyber vulnerability testing program for industrial control system (ICS) digital components: the Cyber Testing for Resilient ICS (CyTRICS) program. During FY2020, CESER began signing agreements with major manufacturers and asset owners to provide digital components for testing. CyTRICS will complete a full pilot test of program processes in the fall of 2020.
Pursuant to direction in Section 5726 of the FY2020 National Defense Authorization Act, CESER launched a 2-year pilot Securing Energy Infrastructure Executive Task Force (SEIETF) to partner with digital component manufacturers and asset owners to address cybersecurity in sector supply chains. The SEIETF convenes a broad set of stakeholders from across government, industry, academia, and the DOE Labs to: 1) evaluate technology and standards to isolate and defend critical industrial control systems (ICS) from cybersecurity vulnerabilities and exploits; 2) develop a national cyber- informed engineering strategy to isolate and defend critical ICS from cybersecurity vulnerabilities and exploits; and 3) identify new classes of security vulnerabilities of critical ICS.
In August, CESER completed a new plan to strategically evolve the cybersecurity mission at DOE, to include building new capabilities to perform cyber discovery and pursuit functions; cyber threat intelligence sharing and situational awareness; cyber modeling and simulation; and fostering cyber protections for emerging technologies in energy sector systems. This included signing a 2-year lease on office space in Denver, CO, to open the DOE Integrated Security Center (DISC).
Federal partners signed an MOU launching the Pathfinder program in February 2020. Pathfinder focuses on three core objectives: 1) Advance Threat-Information Sharing and Analysis; 2) Improve Energy Sector-Specific Knowledge Within the U.S. Government; and 3) Develop Joint Operational Preparedness and Response Procedures. Initial work to identify and coordinate existing federal stakeholder cyber activities in the energy sector was completed in FY2020.
The energy sector has housed the premier cyber threat intelligence platform for over a decade. This program, known as the Cybersecurity Risk Information Sharing Program (CRISP) is a public-private partnership, co-funded by DOE and industry and managed by the Electricity Information Sharing and Analysis Center (E-ISAC). CRISP is extending its footprint of participants to include utilities that support Defense Critical Energy Infrastructure facilities. The “+ 30 Initiative” provides funding for critical electric sector companies to participate for a period of three years, working together with the E-ISAC and the Pacific Northwest National Laboratory (PNNL).
In response to the President’s Executive Order on Cyber Workforce and the Cyber Solarium Commission report, CESER launched the Operational Technology (OT) Defender Fellowship. This year long fellowship introduces OT Managers in the U.S. to national security through the lens of industrial control systems. This program is sponsored by CESER but managed through INL and the Foundation for Defense of Democracies.
CESER, in coordination with DOE International Affairs, negotiated a Memorandum of Agreement with the United Arab Emirates to assist the growth and security of the Barakah Nuclear Power Plant, the world’s first civil-nuclear power plant in the Middle East.

Leadership Challenges

Manpower

CESER is a growing office, striving to meet the mission of the Department. Currently, CESER has 23 full time federal employees and funds another 9 at the National Energy Technology Lab in Morgantown, WV. These employees are primarily at the Government Service (GS) 14 and 15 levels due to the advanced project management and technical expertise traditionally required for their roles. In 2020 CESER was allocated 13 new positions. Given the pandemic, CESER struggled to fill all of its opening. In FY21, CESER is allotted 16 more positions. Filling these roles inside of CESER’s new structure is a top priority and will require a leadership focus.

Critical Events and Action Items

In the first quarter of CY2021, the Office can expect the quarterly Sector Coordinating Council Meetings. Depending on COVID-19 constraints, these events are usually hosted at DOE HQ and bring in the business and security leaders of the electric and oil and natural gas sectors.^[1]