NASEO Central Regional Meeting

Transcription

1 U.S. DEPARTMENT OF ENERGY Infrastructure Security & Energy Restoration Prepare. Respond. Adapt. NASEO Central Regional Meeting DOE SLTT Energy Assurance Activities Matthew D. Duncan Program Manager June 5, 2017

2 Agenda Program Overview FY 17 Energy Assurance Activities CLEAR PATH V Overview LIBERTY ECLIPSE Key Findings FY 18 Energy Assurance Planning 2

3 DOE SLTT Energy Assurance Program Build Relationships Increase Expertise Encourage Comprehensive Planning 3

4 Energy Assurance Activities in FY 17 DOE HQ SLTT Energy Assurance 2016 Year in Review year-review Energy Assurance Joint Policy Committee Comprised of Energy Officials, Emergency Managers, & Regulators April 5, 2017 Next Generation of EAGLE-I Full access for states Energy Waiver Library on Energy.gov Season 2017 UPDATE EEAC INFO 4

5 CLEAR PATH V Objectives 1. Establish and reinforce relationships across the energy and communications sectors to facilitate future preparedness and emergency response operations. 2. Define interdependencies between the energy and communications sectors, emphasizing areas of mutual reliance, resource needs, and mechanisms for effective sharing of information during a multistate regional incident causing energy and communication system interruptions. 3. Examine the interactions between state and federal government organizations during an energy emergency to provide resources and assistance to impacted jurisdictions. 160 participants from federal, state, and energy/comms sectors 5 5

6 CLEAR PATH V Key Takeaways (unofficial) 1. Better coordination between electricity and communications sector for response needed 2. Improve access and credentialing for utility crews remains an issue at local level 3. UAS/Drones are a gamechanger for damage assessments need better clarity on FAA rules 4. Better understanding of restoration prioritization 6

7 Energy Assurance Activities in FY 17 N-Groups Energy Assurance Plan Updates w/ NASEO 12 states in process of updating plans NASEO updating guidelines/provide technical assistance Cybersecurity Training w/ NARUC Cybersecurity Primer for Regulators 3.0 Jan 2017 Cybersecurity Primer regional training Summer 17 Resilience Assessment/ Exec Orders w/ NGA Develop state resilience assessment tool for states Develop executive order roadmap Emergency Management Energy Education w/ NEMA Hosted cyber incident coordination panel in March 17 Developing energy focused TTX package for states 7

8 Energy Assurance Activities in FY 17 N-Groups Protect Critical Infrastructure Information and Tribal Engagement w/ NCSL Develop best practices for critical infrastructure information protections in legislation Reengage tribal state energy assurance work Enhance mutual assistance with municipallyowned utilities w/ APPA Improve outage mapping and information sharing Support updates and exercising of mutual assistance plans and agreements Reinvigorate local energy assurance activities Reestablish local energy assurance contacts Identify gaps in local energy assurance capabilities 8

9 LIBERTY ECLIPSE Key Findings and Recommendations LIBERTY ECLIPSE Exercise Newport, RI, December 8-9, 2016 Co-hosted w/ NASEO Cyber-incident in the electricity sub-sector affecting other sectors Interdependencies in energy sector 3 FEMA Regions, 13 States, industry, 96 participants AAR released April

10 LIBERTY ECLIPSE Key Findings and Recommendations Key Findings Cyber Incident Coordination 1) The cyber incident coordination frameworks at both the state and federal levels need to be further defined and synchronized with industry. 2) The public will face a great deal of uncertainty following a significant cyber incident that causes physical damage (such as a long-term power outage or petroleum disruption), creating a considerable challenge for public information and expectation management, particularly around restoration times. 3) The evolving nature of cybersecurity threats makes it difficult for PUCs to accurately quantify the cost of cybersecurity investments for rate recovery. 10

11 LIBERTY ECLIPSE Key Findings and Recommendations 4) While the consequence management activities for the physical impacts caused by a cyber incident are largely the same as they would be for any other hazard including the potential use of the Stafford Act the unique conditions of a cyber incident pose additional challenges that necessitate new capabilities and the use of new authorities. 5) Information sharing and the ability to communicate remain prime concerns in an energy emergency regardless of the cause. 6) There is a need to improve state petroleum response plans to make them more operational and detailed and provide for greater consistency across multi-state regions. 11

12 LIBERTY ECLIPSE Key Findings and Recommendations 7) Emergency response stakeholders need to have a good understanding of the energy sector supply chains and interdependencies to plan for, and respond to, energy emergencies. 8) There are substantial resources available to support efforts that would enhance cybersecurity. These resources, and their applicability, are not always well known at the state and local levels by some of the organizations within the energy supply chain. 12

13 LIBERTY ECLIPSE Key Findings and Recommendations Key Findings Exercise Design 9) The quality of the exercise, the ability to identify planning gaps, and action items are affected by the composition of the individuals and organizations that participate in the exercise. 10) Participants felt that the exercise should have been a more focused set of events targeting a smaller geographic region to allow for more in-depth discussions. 13

14 LIBERTY ECLIPSE Key Findings and Recommendations Recommendations 1) DOE should support SLTT governments and industry partners to improve communication and information sharing consistent with forthcoming cyber-incident coordination mechanisms, and strengthen procedures to facilitate energy restoration. Particular attention needs to be paid to public communication and expectation-setting during significant cyber incidents. 2) The federal government needs to better define its roles and responsibilities for a significant cyber incident and communicate those roles clearly. 3) DOE should continue its work with SLTT partners, other federal agencies, and the private sector to ensure that appropriate resources and capabilities are available to reduce the risks to the energy sector from a cybersecurity threat. DOE, DHS, and industry should also work together to ensure that measures are in place for the recovery of critical information technology systems to ensure a more rapid system restoration and to minimize impacts. 14

15 LIBERTY ECLIPSE Key Findings and Recommendations 4) DOE should facilitate further dialogue between governments at all levels and industry on developing fuel-shortage response plans, and to evaluate these plans in future regional exercises that focused on the oil and natural gas subsector. 5) DOE should maintain and expand its energy assurance program to encourage and support planning and preparedness, through regular education, training, and exercises for SLTT partners, with the goal of promoting a better understanding of energy sector supply-chain interdependencies. These efforts should culminate in updated energy assurance plans at all levels. 15

16 Energy Assurance Activities for FY18 Three Themes Cybersecurity Preparedness Information Sharing and Situational Awareness Regional Interdependencies EAGLE-I Upgrades to include ISERnet content Possible work on Local Energy Assurance Cross DOE/Lab Cooperation on analytical products focused on resilience and security 16

17 DOE ESF#12 Regional Coordinators Vic Pearson Russ Pascua (Alt) U.S. NORTHCOM Jamie Clark Greg Campbell Walter Yamben (Alt) Jay Hanna Joseph Dygert (Alt) Chris Lawrence Matt Rosenbaum (Alt) Bill Edwards Bob McLeod (Alt) Colorado Springs DC Bob Reed James Briones (Alt) Sam Brinker Pete Miller (Alt) NRCC Jamie Clark John Ostrich (Alt) Updated April, 2017 Rob Gross Donald Ferguson (Alt) Donald Ferguson Rob Gross (Alt) Keith Dodrill Clark Robinson (Asst) 17

18 Matt Duncan Program Manager State, Local, Tribal, & Territorial (SLTT) Energy Assurance U.S. Department of Energy Cell: Rob Gross ESF#12 Regional Coordinator Region VI IV Cell: U.S. Department of Energy Don Ferguson ESF#12 Regional Coordinator Region VII IV Cell: U.S. Department of Energy Vic Pearson ESF#12 Regional Coordinator Region VIII IV Cell: U.S. Department of Energy Infrastructure Security & Energy Restoration (ISER) Division, DOE -- EAGLE-I GIS System -- ISERnet secure, restricted password-protected site 18