Geothermal Sector Cybersecurity Vulnerability Assessment

A review of geothermal sector-specific cybersecurity vulnerabilities and risks (consequences) was conducted at the request of the Geothermal Technologies Office (GTO). The vulnerabilities and risks reviewed in this study have relevance to achieving the 2019 GeoVision Report (DOE GTO 2019) technological advancements and expected sector growth. The study offers areas for consideration but does not quantify the likelihood (frequency) of the consequences. This cybersecurity analysis project represents a proactive effort to identify areas to enhance cybersecurity in geothermal development and operations. It was not initiated to address any immediate threat or specific known risk. Of the eight identified vulnerabilities analyzed, the review identified reservoir data system monitoring as one that is unique to geothermal systems and may warrant further investigation to better understand risk and mitigation. A detailed analysis of the other vulnerabilities may highlight additional uniqueness relative to other industries. Further research actions are recommended to better quantify risk and enhance cybersecurity preparedness of the sector. As the geothermal industry grows, the cybersecurity strategies to be deployed will be of increasing importance to ensure resilient, reliable, and secure clean energy for years to come.