Politics

Report: DOE rush to award smart grid grant money may have compromised cybersecurity

Josh Peterson Tech Editor
Font Size:

A January DOE Inspector General report revealed that a rush by the Energy Department to dole out stimulus money resulted in wasted efforts to upgrade smart grid cybersecurity, potentially compromising national security.

The effort — called the Smart Grid Investment Grant Program — was part of a $3.4 billion initiative supported by President Barack Obama to fund government investment in the growth of smart grid technologies. It was meant to create “tens of thousands of jobs, save energy and empower consumers to cut their electric bills.”

Smart grid is a class of technology that uses computers and automation for utility electricity delivery.

An audit of the program by DOE Inspector General Gregory Friedman’s office found that “accelerated planning, development and deployment” of the program resulted in 36 percent of the 99 applications audited were incomplete, and the companies that submitted the applications still received federal money.

“In our review of security plans, we noted that the plans did not always include sufficient information related to risk assessments and/or other important elements, and , that they did not fully address many of the weakenesses initially identified by the Department,” said Friedman.

In addition to funding weak programs, one application found by the audit clearly noted the applicant’s intention to use the grant money to meet cost-share requirements. Another applicant applied for and received $600,000 in federal reimbursements, which is double what they were actually due for legitimate expenses.

The Energy Department also used unqualified employees from other departments within the agency to aid its rush to get money out the door. Only two out of the 10 employees had received the proper training needed to assess and award the grants, and one of the two employees who could award grants could only do so in a limited capacity.

When asked by TheDC about whether the DOE had taken steps to remedy the sitation Jen Stutsman, spokesperson for the Energy Department, told TheDC in an email statment, “The Energy Department takes very seriously our responsibility to effectively manage and oversee our smart grid grants to protect taxpayer funds and ensure that projects are moving forward to modernize our nation’s electric grid.”

“When the grants were awarded, the Department required all grant recipients to develop cybersecurity plans that provided information about how they would identify and mitigate cybersecurity risks,” said Stutsman.

“In addition, the Department has taken steps to address the Inspector General’s recommendations, including full reviews of on-site cybersecurity monitoring reports; requiring recipients to make necessary updates to their cybersecurity plans; updating the current methodology for monitoring the projects; and providing additional management training to employees overseeing the projects,” said Stutsman.

Follow Josh on Twitter