November 11, 2021

Facility Cybersecurity Framework Best Practices Version 2.0


Federal facilities are increasingly adopting automation and connecting to the Internet creating an energy-internet-of-things environment that converges operational technology (OT) and information technology (IT). Today's buildings increasingly weave together networked sensors and cyber and physical systems that enable data to be collected, aggregated, exchanged, stored and monetized in new ways. Building technological advances have created new energy technology, services, markets and value creation opportunities (e.g. transactive energy, two-way grid communications, machine learning, and increased use of renewable and distributed energy resources). But as larger data sets are being exchanged at faster speeds between an increasing number of OT systems, it becomes more difficult to protect the security of the data lifecycle and the physical equipment it interacts with. These challenges are especially difficult to overcome because the economic and environmental gain (interoperability, big data, social networks and ubiquitous information sharing) are driving these prominent trends in the digital age. Often cybersecurity is an afterthought.

Published: November 11, 2021


Gourisetti S., M. Mylrea, H.M. Reeve, J.A. Rotondo, G.T. Richards, and J.A. Irwin. 2021. Facility Cybersecurity Framework Best Practices Version 2.00. Richland, WA: Pacific Northwest National Laboratory.