Energy Infrastructure Vulnerability Assessments
Jeff Dagle, (PNNL), email@example.com
The Department of Energy (DOE) vulnerability and risk assessment program was established to assist energy infrastructure providers in assuring the continued delivery of their critical services. These vulnerability assessments differ from those that are provided by other organizations in process, focus, scope and access to expertise. An assessment approach leveraged from other assessment methodologies has been developed that is unique. The focus is vulnerabilities of critical process control systems in the context of a broader enterprise security assessment. Additionally, both physical and cyber security are evaluated, along with an analysis of threat, impact, and overall risk characterization to provide a framework for prioritizing recommendations. The DOE objective is to enable the energy infrastructure provider to enhance its security posture, with the understanding that these organizations are stewards of infrastructures with significant national importance.