The Defense Department is preparing plans to protect facility-related control systems (FRCS) from cyberattacks as part of its effort to ensure critical missions can continue to operate during a variety of threats. Installation officials are working with the department’s chief information officer and principal cyber advisor “toward solutions and resources ensuring FRCS are defensible, survivable, and resilient to operate and sustain critical functions in a cyber-contested environment,” according to the written testimony Lucian Niemeyer, DOD’s assistant secretary for energy, installations and environment, submitted in April to the House Armed Services’ Readiness Subcommittee.
FCRS are vulnerable to cyberattacks, as has been made clear during past incidents involving malware, including one on Ukraine’s electric grid which cut power to critical facilities. At the same time, the services are updating their energy resilience policies, which require plans “to ensure available, reliable, high-quality, and cyber secure power to continuously accomplish our missions from our installations and facilities,” the testimony states.
Another component of the department’s energy resilience approach is scenario-based planning, such as installation reliability exercises which can be used to determine investments for resilient infrastructure. “This improves our installations’ security posture, increases our planning effectiveness, and ensures our ability to continue critical missions in the face of grid power disruptions that could occur due to weather events and/or direct physical or cyberattack,” Niemeyer’s testimony states. The department also is working with the departments of Energy and Homeland Security to “pinpoint the needs of critical defense assets and national infrastructure.”
Photo by John Mottern