This week government and commercial leaders testified before the Senate Committee on Energy and Natural Resources about cybersecurity threats facing US energy delivery systems. Among the issues brought before the committee? The difficulty obtaining a Department of Energy security clearance.
The vast majority of security clearances are issued through the Office of Personnel Management on behalf of the Department of Defense. The Department of Energy maintains its own personnel security program, but the majority of its investigations are conducted by OPM. That means the backlog affecting cleared contractors today also falls onto DoE employees.
“Despite my long history of service in the government intelligence space, and despite my existing Department of Defense security clearance, I still have not received a DOE security clearance. I applied well over a year ago,” wrote Dave McCurdy, president and CEO of the American Gas Association in his prepared statement for the committee.
Reciprocity guidelines should enable an individual with an equivalent DoD clearance to move quickly into a DoE role. For instance, a DoE ‘Q’ access authorization requires the same background investigation as a top secret clearance. An individual who has either a Top Secret clearance with the DoD or a ‘Q’ access authorization with the DoE should be able to transition into a new role more quickly, without a new investigation.
But as all things related to security clearance processing today, what’s required on paper may not be what the reality looks like. And if personnel are unable to transition into new positions, industry struggles to maintain the security standards necessary to keep infrastructure safe.
Cybersecurity Information Sharing and Energy Infrastructure
The need for cybersecurity information sharing is not unique to energy contractors. Both the White House and Congress have been actively engaged in efforts to facilitate information sharing with the government and private sector for the past decade. And for good reason. Cyber threats against government contractors only continue to grow, and one weak link can cause massive issues – including the OPM breach of the personal information of more than 20 million.