Power Sector Cybersecurity Building Blocks

Upcoming Event Announcement:

Cybersecurity Forum.png

Register today for the forum that will take place on May 10, 2022 from 10:00 a.m. to 5:30 PM EST and May 11, 2022 from 10:00 a.m. to 5:30 PM EST.

Cyberattacks pose an increasing threat to the Caribbean energy sector. May 10 and 11, 2022, join the United States Agency for International Development (USAID) at the Caribbean Energy Sector Cybersecurity Forum to convene energy sector stakeholders, cybersecurity experts, international aid organizations, and other practitioners to discuss, learn, and network. Hosting events for all levels of cyber awareness, this event is intended to enhance the Caribbean energy sector’s security and capacity to manage the growing risk of cyberattacks.

Brought to you by USAID’s Strengthening Utilities and Promoting Energy Reform (SUPER) program with additional support from the Caribbean Electric Utility Services Corporation (CARILEC) and the National Renewable Energy Laboratory (NREL), this two-day event will promote a better understanding of the rising threat of cyberattacks in the Caribbean and what steps the region can take to mitigate this threat.

Subject matter experts from organizations including Deloitte, NREL, the Organization of American States, the University of Trinidad and Tobago, the Caribbean Climate Smart Accelerator, and many more will discuss their experiences with myriad cybersecurity topics, with an emphasis on the Caribbean power sector

More information and Registration>>

Developed through the U.S. Agency for International Development (USAID)-National Renewable Energy Laboratory (NREL) Partnership and the Resilient Energy Platform, the Power Sector Cybersecurity Building Blocks are designed to help a variety of stakeholders improve security for the electrical grid.

This effort is focused on combatting and addressing cybersecurity challenges faced by small and under-resourced utilities and was grown out of USAID and NREL’s discussions with utilities around the world, along with past cybersecurity assessments performed by NREL on dozens of utilities and government agencies.

The Need

There are already many excellent guides, standards, and frameworks for organizations seeking to improve cybersecurity. However, despite the growing resources available, many organizations still struggle to create a cybersecurity program that is balanced across all required areas to protect their assets from attack.

Organizations may find themselves with too much investment in one area and little investment in another. By addressing each building block of cybersecurity, a balanced cybersecurity program is more attainable.

About the Building Blocks

The building blocks function as a guide to help organizations develop a robust cybersecurity defense program. Individually, each building block represents a cluster of related activities within cybersecurity on which an organization should focus. By using the building blocks, organizations can effectively prioritize their cybersecurity efforts to best thwart a wide range of potential cyberattacks.

The 11 Cybersecurity Building Blocks include the following and each discuss a particular element of a well-rounded cybersecurity framework:


Note: Solid color blocks are internal to the utility; shaded blocks are external to the utility.

The Benefit

Organizations in the early stages of cybersecurity maturity will likely get the most benefit from these building blocks because they may struggle with the question of what a complete cyber program looks like. More mature cyber organizations can also use the building blocks to gain a fresh perspective on their efforts and fill in gaps in their existing cyber programs.

The Power Sector Cybersecurity Building Blocks are not meant to be the final word on cybersecurity for the power sector, as this field is evolving rapidly with the introduction of new power grid technology and an ever-changing threat landscape. USAID and NREL welcome discussion regarding updates to future iterations of these building blocks. For more information, please read the full report or view the fact sheet.

Learn More

Ask an Expert

The Resilient Energy Platform connects power system stakeholders across the globe to a network of cybersecurity resilience experts, providing remote consultation and advice at no cost.

Learn more and message the team.

Free Trainings

Ongoing Cybersecurity Building Blocks Webinar Series

USAID and NREL are partnering with CARILEC to offer a series of webinars based upon the Power Sector Cybersecurity Building Blocks. Each webinar offers a deep dive into the many issues utilities face when building a balanced cybersecurity plan to thwart attacks, minimize impacts, and get back to business quickly following an incident.

Register for the next training or watch the previous recordings below:


Webinar Recording: Power Sector Cybersecurity Building Blocks Webinar Series: Organizational Security Policy

Webinar Recording: Governance: A Building Block for Power Sector Cybersecurity>>

Webinar Recording. Cybersecurity Awareness Training: A Building Block for Power Sector Cybersecurity

Webinar Recording: Cybersecurity Incident Response

Webinar Recording: Building Blocks to Support Cybersecurity in the Power Sector

Webinar Recording: Cybersecurity and Distributed Energy Resources