DOMINION ENERGY
PROTECTING AMERICA’S
ENERGY GRID
A CONVERSATION WITH DOMINION ENERGY’S CHIEF SECURITY OFFICER, ADAM LEE
ADAM LEE is the Chief Security Officer (CSO) of the third
largest energy company in the United States. As the primary
energy provider for 18 states and 7.5 million customer homes and
businesses, Dominion’s energy production assets run the gamut
from alternative energy sources to nuclear power plants. Security
of these assets is vital not only to Dominion’s customer base but
also to the national and economic security of the United Sates.
Adam Lee joined Dominion in late 2018 after a distinguished
22-year career with the FBI, which culminated in service as
FBI Special Agent in Charge of the Richmond field office.
AS A MAJOR, EXPANDING NATIONAL
ENERGY PROVIDER, CAN YOU DESCRIBE
THE SCOPE OF YOUR RESPONSIBILITIES?
My responsibilities as Dominion CSO encompass both cyber
and physical security. This is an important distinction, one that
recognizes the direct connection cyber and physical security often
share, especially today when cyberattacks can seriously damage
physical assets vital to energy production and distribution.
FOCUSING ON CYBERSECURITY, THREATS
CONTINUE TO EVOLVE AND INCREASE IN
POTENTIAL SEVERITY. TECHNOLOGIES,
SOLUTIONS AND INCIDENT REMEDIATION
STRATEGIES MUST STAY A STEP AHEAD.
HOW DO YOU MAINTAIN AN ORGANIZATION
THAT KEEPS PACE AND ENSURES THE
HIGHEST LEVELS OF SECURITY?
Good question. That always is the challenge. Three major pillars
comprise our strategy: technology-driven protections, training
and awareness, and collaboration with industry and government
partners. This is a comprehensive framework against which we
build our security strategy. Each is vital to achieving our mission.
24 • CESGovernment.com
CAN WE TAKE THESE ONE AT A TIME? HOW
DO YOU INCORPORATE TECHNOLOGY AND
DECIDE SOLUTIONS FOR ENDPOINT, PHISHING,
NETWORK AND APPLICATION SECURITY?
First, everything is driven by electricity, so I would argue
energy is paramount among critical infrastructure sectors.
And while all of our customers are important, we at Dominion
recognize that we are the provider to facilities that drive
America’s defense and national security: the Pentagon, the
largest East Coast U.S. Navy port at Norfolk, Langley, the
Navy Yard—the list goes on. Technologies we incorporate
must be proven, in terms both of scale and effectiveness. We
test and constantly evaluate always-evolving technologies to
determine their importance to combating a fluid threat matrix.
TRAINING AND AWARENESS?
Absolutely critical. Dominion employs 21,000 people, which
makes the company a large enterprise. We incorporate
standard cybersecurity training for all employees across
all Dominion operations: phishing simulation, password
policies, and importantly, leadership training on how to have
informed conversations on fundamental security issues.
Our vision is to maintain a culture of protection, one that embodies
corporate-wide awareness of cyber threats and that incorporates
training relevant and appropriate to varying position requirements.
COLLABORATION?
I want to make this point crystal clear. Collaboration not only
is vital, but we place the highest value on our disciplined
relationships with federal, state, and local government partners.
And it is a partnership. You hear many complaints today about