Utility Cybersecurity and Grid Modernization

Strengthening Utilities and Promoting Energy Reform (SUPER)

USAID is supporting Latin American and Caribbean countries in improving the resiliency of electric utilities, regulators, energy authorities, regional organizations, and other energy sector stakeholders to manage cybersecurity challenges and lead digital transformation efforts.

USAID’s Priorities and Objectives for Advancing Cybersecurity in the Region

USAID is committed to combating cybersecurity challenges in partner countries that aim to undermine government legitimacy. In addition, USAID has published a Digital Strategy to encourage investment in digital ecosystems. Cybersecurity is critical to USAID Digital Strategy’s goal of achieving and sustaining open, secure, and inclusive digital ecosystems. As digital technology use expands, it is important to mitigate the growing vulnerabilities to stabilize the ecosystem and prevent cyber threats.

A 2019 study found that more than half of gas, wind, water, and solar utilities around the world have suffered from at least one cyber attack. USAID works with partner countries in the Latin America and Caribbean (LAC) region to identify, prevent, and mitigate cyber incidents which, if undetected, can cost millions of dollars in recovery.

Why is Cybersecurity Important? Why Now? 

  • Cyberattacks increased 131% March 2019 – March 2020
  • One utility reports a 650% increase

The Caribbean Council reports that the costs of cyber incidents in the LAC region totals $90 billion annually. Cyberattacks increased by 131 percent between March 2019 and March 2020. One utility in the region reported that the number of identified attacks increased by 650 percent compared to an average year since the start of the COVID-19 pandemic. The impacts of a successful cyberattack can be devastating for an electric utility, with impacts ranging from damage to physical infrastructure and blackouts, to the loss of data and data theft, and even being beholden financially to bad actors through ransomware.

Now is the time to leverage resources, share knowledge, and coordinate strategies to fight the increase in cyberattacks, ransomware, and other malware. 

Cybersecurity Assessments

In collaboration with the U.S. Department of Energy’s National Renewable Energy Laboratory (NREL), USAID is helping to shape the technical assistance and roadmaps that follow NREL’s assessment of an electric utility through its Distributed Energy Resources Cybersecurity Framework (DERCF) tool. This tool assesses utilities across three domains—Governance, Technical Management, and Physical Security—each with a number of sub-domains. Once utilities have completed the assessment, the DERCF tool will assess their “cyber-maturity” and identify priority areas of intervention. USAID is partnering with NREL to shape the guidance and planning required for utilities to address the outputs of their assessments.

USAID–NREL Cybersecurity Building Blocks Webinar Series

USAID and NREL developed the Power Sector Cybersecurity Building Blocks to assist energy stakeholders in improving security for the electrical grid. The eleven building blocks complement existing cybersecurity program standards by defining clusters of related activities within a balanced cybersecurity program and providing resources for each area.

USAID’s SUPER program and NREL are partnering with the Caribbean Electric Utility Services Corporation (CARILEC) to offer the Cybersecurity Building Blocks Webinar Series. Watch the webinars and register for upcoming sessions!

Caribbean Cybersecurity Regional Spring Forum

The Caribbean Energy Sector Cyber Summit will convene energy sector stakeholders, cybersecurity experts, international donors, and those looking to expand their cyber knowledge and capabilities to learn, grow, and network across this two-day summit. With events for all levels of cyber awareness, this summit will aim to enhance the Caribbean energy sector’s security and capacity to detect, respond, and mitigate cyberattacks.  

Key Themes:

  • The threat of ransomware and malware to the energy sector
  • Cyberattacks as a threat to renewable energy development
  • How cyberattacks can hinder a utility’s ability to deliver services and other impacts of successful cyberattacks
  • Enhancing resilience in an increasingly remote environment due to grid modernizing technologies and the COVID-19 pandemic

Featured Resources

Cybersecurity for the Energy Transition

Image

Body
Renewable energy technologies such as distributed energy resources, supervisory control and data acquisition systems (SCADA), and advanced metering infrastructure are critical to the digitalization of energy systems and the clean energy transition.

USAID SUPER Cyber Capabilities and Initiatives

Body

An overview of the cybersecurity threat to energy stakeholders in Latin America, other U.S. Government-sponsored cyber initiatives in the region, and illustrative offerings for prospective partner organizations.

Distributed Energy Resource Cybersecurity Framework

This framework, developed by NREL for the U.S. Government, assesses the cybersecurity posture of distributed energy resource systems.

For More Information

Strengthening Utilities and Promoting Energy Reform (SUPER)

Image

Body
USAID’s SUPER program supports partner country counterparts with priority projects to improve energy sector utility performance.

USAID Energy

Image

Body
Through its established field presence, global and country-level industry networks, and long-standing relationships with government and private sector partners, USAID embraces an integrated approach to energy sector reform to reduce barriers to private investment and open clean energy markets, strengthen governing institutions, reduce air pollution and emissions, and develop resilient and financially viable power systems.

Latin America and the Caribbean

Image

Body
Many Latin American and Caribbean (LAC) nations have experienced monumental growth and change in the past several decades, and USAID has partnered with these countries to make important progress. Despite the global financial crisis, the region averaged a three percent annual increase in economic growth between 2000 and 2012. Health indicators have greatly improved in the region: for example, maternal mortality has fallen from 140 to 81 deaths per 100,000 live births since 1990. Political advances have been notable, as well: free elections, vibrant civil society, and responsive governments are mostly the norm.