In the coming years, additional investment in security and compliance programs across the United States will be necessary to address emerging and previously unidentified areas of risk, especially those risks posed by foreign adversaries.
This wave of supply chain risk management enhancements has already impacted healthcare, defense, telecommunications, and information technology.
In response to the shifting risk landscape, Executive Order (EO) 13920 and the Department of Energy’s (DOE) resulting Request for Information (RFI) aim to secure the U.S. Bulk Power System (BPS) by addressing the need to institute foreign ownership, control, or influence (FOCI) controls that flag risks arising within the sub-tier supply chain. Whereas historically, supply chain efforts have been overwhelmingly focused on cyberthreats, a modern security and compliance regime that protects the integrity of the U.S. BPS ecosystem must also address FOCI, espionage and sabotage risks.
In this white paper, Exiger:
- Provides an overview of key recent regulations addressing FOCI risk;
- Discusses potential threats to the BPS from sub-tier vendors;
- Highlights gaps in the current compliance framework; and
- Identifies the controls necessary to address these risks, which can be implemented in an efficient and cost-effective manner by leveraging existing industry resources, best practices and automated solutions for due diligence and other needs.