The federal government is increasingly concerned with protecting the nation's power grid, both from intentional attacks and from natural disasters.
Between the Energy Department, the Homeland Security Department and the Federal Energy Regulatory Commission, there are at least 27 separate programs dedicated to shielding various aspects of the grid from physical and cyber breaches, but also from natural phenomena such as solar storms.
DHS, for instance, has a "Solar Storm Mitigation" effort that aims to "enhance awareness of potential disruptions" in the atmosphere caused by the radiation emitted by the sun. The department is ensuring that owners of parts of the grid have "actionable information" about a solar storm's potential impacts, according to a watchdog report on these programs.
» Get the best federal technology news and ideas delivered right to your inbox. Sign up here.
Though it's private companies who operate most of the power grid, “the federal government has a significant role in promoting the grid’s resilience," according to the Government Accountability Office, which assessed whether the 27 programs it found were duplicative. They aren't, GAO found, but they do occasionally overlap.
Several programs focused on protecting the grid's cybersecurity; overall, about a dozen programs had similar cyber-related goals, GAO found. Those efforts include the Energy Department's Subsector Cybersecurity Capability Maturity Model, which aims to help industry partners benchmark their safety, and another program within that department encouraging public and private sector groups to pool their knowledge of threats.
Still, the "fact that multiple agencies have roles in enhancing the resilience of the electricity grid raises questions about the potential for fragmentation, overlap, or duplication in federal efforts," the report said.
With mounting concern about attacks on the grid, other federal groups are encouraging the public and private sectors to collaborate on protecting it.
For instance, the National Institute of Standards and Technology recently published a proposal for a "situational awareness" framework utility companies can use to develop resiliency plans. An effective plan should incorporate "security incident and event management" and steps for mitigating the effects of outages, according to NIST.