The U.S. Department of Energy’s FY 2027 budget frames cybersecurity as a core pillar of national energy security, embedding it directly within efforts to protect and modernize critical infrastructure. The request allocates US$160 million to the Office of Cybersecurity, Energy Security, and Emergency Response to enhance the security of energy infrastructure and its supply chain, while deploying experts to respond to energy crises. This underscores CESER’s role in safeguarding the grid and responding to energy-sector crises amid surging demand from data centers, AI workloads, and advanced manufacturing.
The DOE move reflects a growing recognition that grid reliability and cybersecurity are now inseparable, particularly as system strain and digital interdependencies expand the attack surface. The budget signals a shift from viewing cybersecurity as a supporting function to treating it as foundational infrastructure across civilian energy systems and defense operations. From securing supply chains and energy delivery systems to protecting nuclear assets and enabling digital transformation initiatives, the DOE aligns cybersecurity spending to protect national security and maintain operational continuity in an increasingly contested and interconnected threat landscape.
To secure U.S. energy infrastructure, CESER programs coordinate with energy infrastructure owners and operators. This collaboration also extends to state and local governments to identify, understand, mitigate, and develop practical guidance and tools to enhance the security and resilience of the energy sector. This proactive approach, embedding cybersecurity considerations into the development of new energy technologies, is fundamental to preventing the introduction of future vulnerabilities and safeguarding the energy system that underpins our national security.
In a move to better align priorities and execution, CESER is proposing a revised budget structure for FY 2027 that reduces duplication, simplifies the request, and ties resources more directly to its core mission. The reorganization centers on two primary programs, Threat Analysis and Incident Response (TAIR) and Infrastructure Hardening and Technology Development, reflecting a more operational approach to securing energy systems.
The TAIR program identifies, assesses, and mitigates risks to critical energy infrastructure by combining insights from industry, intelligence sources, and DOE national laboratories. It maintains a prioritized risk register, develops mitigation strategies for high-impact threats, and coordinates national response efforts to restore energy systems following cyber, physical, or natural disruptions. The program also strengthens resilience through real-time information sharing, emergency coordination, technical assistance, and sector-wide exercises, while supporting partners with response, recovery, and best practices to improve overall security and operational readiness.
The Infrastructure Hardening and Technology Development program focuses on strengthening energy systems against cyber, physical, natural, and supply chain threats while advancing technologies to address emerging risks. It combines infrastructure assessments and protection efforts with targeted research and development in collaboration with industry, national labs, and government agencies.
The budget also highlights the growing intersection between cybersecurity and supply chain resilience, particularly as the energy sector becomes more dependent on complex, globally sourced technologies. DOE’s investments in critical minerals and energy innovation programs are closely tied to securing the integrity of energy systems, signaling that cybersecurity risks now extend beyond networks into hardware, components, and industrial ecosystems. This reflects a broader concern that adversaries could exploit weak links in supply chains to disrupt operations or compromise infrastructure at scale.
The FY 2027 budget request will support site assessments and hardening projects for defense critical energy infrastructure; testing and mitigation of supply chain programs (CyTRICS and Energy Cyber Sense); and advanced training and workforce development programs like CyberStrike. Additionally, FY 2027 efforts will focus research and development investments on enhancing critical infrastructure cybersecurity through AI-driven solutions and addressing the risks posed by natural and manmade hazards.
Beyond dedicated funding, cybersecurity is also woven into broader modernization and national security priorities, particularly within nuclear and defense programs. The National Nuclear Security Administration (NNSA) increases investment in IT and cybersecurity to $935 million, supporting secure infrastructure, continuous monitoring, and enterprise-wide protection across the nuclear security enterprise. These measures are designed to ensure that critical weapons systems, research environments, and operational networks remain resilient against increasingly sophisticated cyber threats.
At the same time, the department’s push into artificial intelligence, quantum research, and high-performance computing introduces both new capabilities and new vulnerabilities, reinforcing the need for embedded cybersecurity across emerging technologies.
With $1.2 billion allocated to AI initiatives and integration of advanced computing across national laboratories, the DOE is effectively expanding the digital attack surface even as it accelerates innovation. The implication is clear: as energy systems become more intelligent and interconnected, cybersecurity must evolve in parallel, serving not just as protection, but as a prerequisite for safely deploying next-generation technologies.
The Office of Enterprise Assessments (EA) supports DOE’s mission to ensure secure, safe, and efficient operations across the nuclear weapons complex, research programs, and environmental cleanup by conducting independent security and safety assessments, enforcing regulatory compliance, and delivering workforce training.
In FY 2027, EA will prioritize strengthening security and cybersecurity evaluations, advancing nuclear and worker safety oversight, enhancing enforcement programs, and expanding training initiatives through the National Training Center. It also seeks to deliver advanced threat-informed cybersecurity assessments through enhanced tools and unannounced red team performance testing to identify vulnerabilities across DOE’s National Security, Intelligence, scientific, and other critical systems.
The DOE budget noted that the Office of the Inspector General (OIG), responsible for the audit and evaluation of the Department’s unclassified systems, has experienced substantial problems with cybersecurity. “As the Department continues to expend taxpayer funds, it remains important to secure its systems from vulnerabilities that could result in the loss of billions of dollars’ worth of innovative or sensitive technologies developed using taxpayer dollars. This request will allow the OIG to focus on a true and timely view of the Department’s cybersecurity posture; maintain oversight into operational technology and the Energy Security space; continue collaboration with the Department’s Office of Enterprise Assessments; and deconflict and conduct risk-based discretionary jobs in this area.”
Under the Energy Policy Act of 2005, the Federal Energy Regulatory Commission (FERC) is responsible for enforcing mandatory standards to protect the reliability and cybersecurity of the bulk power system, with expanded authority to oversee compliance. Its operations, including cybersecurity oversight, are fully funded through fees collected from regulated entities, resulting in no net cost to taxpayers.
The FY 2027 request allocates $156 million for IT investments, including cybersecurity, as part of efforts to modernize infrastructure and improve operational efficiency despite an overall funding decrease. The focus is on strengthening core systems, enhancing data analytics, and integrating artificial intelligence into operations, with cybersecurity embedded as a critical component to support mission delivery and protect increasingly digital workflows.
In addition, the Commission will continue to execute federal mandates for IPv6 requirements, zero trust principles, and cybersecurity protocols, alongside investments in cloud-native security technologies and cybersecurity monitoring capabilities that ensure proactive identification of threats and vulnerabilities impacting mission systems.


