Enhanced Grid Security Act of 2015

Enhanced Grid Security Act of 2015

This bill designates the Department of Energy (DOE) as the lead Sector-Specific Agency for cybersecurity for the energy sector (this action comports with the presidential policy directive entitled "Critical Infrastructure Security and Resilience" dated February 12, 2013).

DOE shall:

• develop advanced cybersecurity applications and technologies for the energy sector;
• advance the security of field devices and third-party control systems;
• leverage electric grid architecture as a means to assess risks to the energy sector, including by implementing an all-hazards approach to communications infrastructure, control systems architecture, and power systems architecture;
• perform pilot demonstration projects with the energy sector to gain experience with new technologies; and
• develop workforce development curricula for energy sector-related cybersecurity.

DOE shall also implement within the energy sector cybertesting and cyberresilience programs that target:

• DOE emergency response capabilities,
• cooperation with the intelligence communities for energy sector-related threat collection and analysis,
• enhancing the tools of DOE and the Electricity Sector Information Sharing and Analysis Center (ES-ISAC) for monitoring the status of the energy sector,
• expanding industry participation in ES-ISAC, and
• technical assistance to small electric utilities to assess cybermaturity posture.

DOE must develop an advanced energy security program that secures diverse energy networks in order to increase the functional preservation of the electric grid operations or natural gas and oil operations in the face of natural and human-made threats and hazards, including electric magnetic pulse and geomagnetic disturbances.

DOE shall study alternative management structures and funding mechanisms to expand industry membership and participation in ES-ISAC.