This release is one of the steps DOE is taking to help the energy sector develop “resilient systems” and maintain critical functions, the department said Thursday.
NIST’s cybersecurity framework, issued in February 2014, contains standards and practices to protect critical infrastructure in compliance with an executive order that pushes for the collaboration between industry and government.
DOE says the guidance highlights how cybersecurity capability maturity models align with the framework.
The guidance also outlines existing risk management tools, processes and standards that comply with the cybersecurity framework.
DOE says it has worked with private sector stakeholders through the Electricity Subsector Coordinating Council and the Oil and Natural Gas Subsector Coordinating Council to develop the guidance.