and it forced us to think about how we reconstruct with
redundancy. How do we protect against major man-made
or natural disasters? That’s how this office was born. It is
from 9/11 and the subsequent work of Richard Clark that
critical infrastructure really captured serious attention. WORK WITH THE ENERGY SECTOR ON
ITS OWN LEGACY SYSTEMS, ESPECIALLY
WITH THE IOT, QUANTUM COMPUTING,
AND SO MANY INNOVATIONS—AND
THREATS—CONTINUALLY EVOLVING?
My office operates through a national security lens and focus.
That is our purpose—to ensure a stable, safe, and secure
national energy grid. Again, energy powers everything we
do. In terms of critical infrastructure, it all begins with
energy. If there is no energy, there is no anything. First, 90 percent of our nation’s energy resources are in the
private sector, so collaboration with our energy partners is
absolutely critical, and our collaboration is excellent. We work
with our energy partners, state and local governments, law
enforcement. We are working on a major grid modernization
initiative that looks to a future where quantum networks might
actually detect problems and correct them—self-healing
almost. Our grid modernization initiative looks at all aspects
of energy production—how can we improve production,
distribution, modernize and protect legacy industrial control
infrastructure—so many things. And I know it is a focus of
CES Government, but cyber is something incorporated in
all our work. Our regulatory agencies are NERC and FERC,
and we work closely with them as well. Energy has disparate
parts, many players, but we share a common mission: to keep
the lights on and get them back on quickly if they go out.
In terms of national security and energy, it may not
be so obvious, but we are most vulnerable responding
to emergencies, be these natural or man-made. Our
attention and resources both are diverted. Our office
plans for this. It is part of our mission portfolio.
CYBERSECURITY IS IN THE TITLE OF YOUR
OFFICE, BUT YOUR RESPONSIBILITY IS MORE
THAN CYBER. CAN YOU ELABORATE?
Most certainly. Our mission is energy security; cyber is
a threat—a big threat, but a threat nonetheless. So are
hurricanes, earthquakes, natural disasters of any kind.
Man-made disasters as well. Our mission is to work with
industry partners to ensure that the lights are on, and when
they aren’t, getting them on as quickly as possible.
That said, cyber is in the title of my office precisely because
of its importance. Think about all of the renewable energy
sources. Our major energy provider partners implement very
effective and disciplined security policies and processes, but
what happens when you connect to the grid wind and thermal
plants, solar panels—sources you don’t control? Energy
providers are required to make these connections. The risk
rises when you connect to sources beyond your control, and
these supply chain connections present special challenges.
They expose risk to critical infrastructure sectors, like
energy, just as you are exposed when you connect a device
to your PC that you received from an outside source.
OBVIOUSLY, YOUR ORGANIZATION HAS
A PRIVATE SECTOR FOCUS. HOW DO YOU
ADVANCED MANUFACTURING,
CYBERSECURITY, AI, AND SELF-HEALING
NETWORKS—WORKFORCE MUST BE
AN ISSUE OF CONCERN AS WELL?
It absolutely is, and I have been involved with technology
workforce challenges for most of my career. A cyber
workforce was a major part of the U.S. Cyber Challenge that
I led prior to coming back into government. We work with
the national labs and universities on curriculum and R&D
that will produce the kinds of talent we need for advanced
manufacturing, industrial control, cyber and the transformational
technologies of AI and machine learning, with expertise on
our most vital of critical infrastructure sectors—energy.
Karen Evans will participate on the January 9th CES
Government 2020 Executive Roundtables “Cyber 2020:
Global Threat Matrix” and “Building a 21st Century
Workforce” as well as the January 11th keynote plenary
panel “Cybersecurity and Critical Infrastructure: Energy.”
MEET KAREN EVANS
Karen Evans was sworn in by U.S. Deputy Secretary of Energy Dan Brouillette as the Assistant
Secretary for the Office of Cybersecurity, Energy Security, and Emergency Response (CESER)
on September 4, 2018. Evans was confirmed as Assistant Secretary for CESER by the U.S.
Senate on Tuesday, August 28, 2018.
Before nomination by President Trump to her current position at the Department of Energy,
Karen Evans held IT and management leadership positions at DOE, DOT and DOJ. She is
widely recognized for her work as the Federal CIO under President George W. Bush.
CESGovernment.com • 47