The US Department of Energy’s (DOE) accelerated approach for approving funding of smart grid projects led to inadequate review of cybersecurity plans, warned the DOE’s Inspector General (IG).
In the American Recovery and Reinvestment Act of 2009, DOE received $3.5 billion to fund smart grid projects, which the department awarded to 99 recipients.
As part of the grant process, DOE required recipients to submit cybersecurity plans describing controls they intended to implement as part of their smart grid. An internal DOE review found 36 of the 99 plans fell short in one or more areas, but the grants were awarded anyway, according to the IG report.
via Info Security, continued here.