Addressing the urgency involved in protecting the U.S. power industry supply chain, the advocacy group Protect Our Power filed comments with the Department of Energy.
The comments were a result of two Supply Chain Collaborative meetings hosted by the advocacy group that included representatives from more than a dozen U.S. investor-owned municipal and public power companies, and experts from the private sector.
Recommendations from the Supply Chain Collaborative group included:
- Collaborative development of a comprehensive cybersecurity supply chain framework recognizing the differences in utility companies, designed to operate effectively across the varied systems
- Creation of a list of permitted components and vendors, or a prohibited component list based on the country of origin or product manufacturer based on information sharing
- Establishing a means to test and evaluate the integrity of components using National Labs and non-governmental organizations to oversee reviews and/or a certification process.
- Developing a tiered testing process to encourage the evaluation and prioritization of the most critical components first and focus on the most critical risks
- Considering components that are “restricted”