OTDefender: Operational Technical Defender Fellowship

Elite Training For Energy Sector Front-Line Managers

NOTICE: Applications for the 2025 OT Defender Fellowship will open in August 2024.

About the Fellowship

Protecting the nation’s energy infrastructure from modern threats is vital to maintaining national security, a vibrant economy, and public health and safety.

Security managers serve as a utility’s first line of defense against cyber-enabled sabotage and physical security breaches, ranging from financially motivated material theft to reconnaissance to deliberate attacks in cyberspace and in the physical world. While their role is critical, their work is challenging, and resources are limited.

To better support these front-line managers, the U.S. Department of Energy’s Office of Cybersecurity, Energy Security, and Emergency Response (CESER) created the Operational Technology (OT) Defender Fellowship Program. This highly-selective education program offers middle- and senior-level OT security managers in the U.S. energy sector an opportunity to more fully understand the cyber strategies and tactics that adversarial state and nonstate actors use in targeting U.S. energy infrastructure, and how the U.S. government is postured to counter these adversarial activities.

The fellowship is sponsored by the Department of Energy (DOE) and hosted by Idaho National Laboratory (INL), with support from Foundation for Defense of Democracies’ Center on Cyber and Technology Innovation (CCTI).

Target Audience

The OT Defender Fellowship offers one cohort per year with a small number of highly qualified participants per cohort. 

  • Be in a management role in a U.S. energy sector asset owner or operator organization, with decision-making authority and oversight responsibility for the security or operations of operational technology systems – senior enough to influence the strategy and tactics of the organization, and in touch with how the work is performed on the front lines
  • Have the support of their manager and of the organization’s leadership
  • Commit to the requirements of the fellowship, including attending quarterly in-person seminars (at participant's cost), and completing assigned activities between seminars to build utility perspective and promote information sharing
  • Be a U.S. citizen (required)
  • Eligible to hold an active federal security clearance

For additional information, see DOE’s 2024 Press Release.

DOE CESER Launched Fourth Cohort

Earlier this spring, DOE CESER launched the fourth cohort with briefings and trainings at INL. Hailing from across the country and representing electric and oil and natural gas interests in the energy sector, the 2024 Cohort picked up right where 2023 left off. The new 2024 cohort met for the first time in person and quickly began pushing for deeper discussion, more meaningful exchanges, and operationalized collaboration between government, industry experts, and across the sector. A group of 2023 Ambassadors helped to kickoff the session to offer their lessons learned from last year's experience and to kick-start the professional camaraderie and fellowship for the 2024 cohort.

Highlights

Achieve OT Excellence @ INL

  • Develop a keener understanding of the OT threat landscape and strengthen capabilities to defend similar environments
  • Engage with cyber experts and warfighters from relevant U.S. government organizations, commands, and services to gain greater insights into the tactics and techniques of cyber adversaries
  • Learn about the geopolitical context and strategy in which cyberattacks occur and the defensive measures employed by U.S. government cyber operators
  • Build beneficial relationships with key government agencies working to defend the nation from cyberthreats

Curriculum

The 12-month fellowship consists of quarterly week-long seminars (in-person and remote). Classroom information and tabletop exercises include:

  • Application of the Cyber-Informed Engineering (CIE) framework and training to introduce participants to INL’s Consequence-driven Cyber-informed Engineering methodology for mitigating risk from cyber sabotage.
  • A tailored running of CyberStrike, a hands-on training course designed in the aftermath of cyberattacks on Ukraine’s power grid.
  • U.S. government specific deep dives into the links between utility missions and capabilities and the needs, missions and capabilities of federal agencies including DOE, the Federal Bureau of Investigation, the Department of Homeland Security’s Cybersecurity & Infrastructure Security Agency, and the Department of Defense’s Defense Critical Infrastructure Program.
  • Briefings from U.S. government officials on nation state defense strategies and adversarial geopolitical strategies.
  • A capstone real-world, scenario-driven exercise integrating knowledge gained through the program.

The 12-month fellowship consists of quarterly week-long seminars, plus strategic online presentations in between the quarterly sessions.  Classroom information and tabletop exercises include:

  • Application of the Cyber-Informed Engineering (CIE) framework and training to introduce participants to INL’s Consequence-driven Cyber-informed Engineering (CCE) methodology for mitigating risk from cyber sabotage
  • Tailored running of CyberStrike, a hands-on training course designed in the aftermath of cyberattacks on Ukraine’s power grid
  • Four hours training course, “Principles of Cyber-enabled Sabotage & Engineering Protections”
  • Deep dives into the links between utility missions and capabilities and the needs, missions and capabilities of federal agencies including DOE, the Federal Bureau of Investigation, the Department of Homeland Security’s Cybersecurity & Infrastructure Security Agency, Office of the National Cyber Director, National Security Agency, US Secret Service, and the Transportation Security Administration
  • Briefings from U.S. government officials on nation state defense strategies and adversarial geopolitical strategies
  • A real-world, scenario-driven capstone exercise integrating knowledge gained through the Fellowship
  • In-person visit to an OT Defender Alumni site
  • Continued engagement post-cohort-year through OT Defender Alumni Program

Benefits

  • Develop an increased understanding of adversarial cyberthreats to critical infrastructure, the potential for a cyberattack to result in physical effects, and current capabilities for detection of, defense against, and recovery from these attacks.
  • Gain an enhanced awareness and understanding of the U.S. government’s energy infrastructure cyber defensive strategy as well as related adversarial geopolitical impacts. 
  • Develop and discuss strategies to better organize, consume, and operationalize tactical information about indicators of cyberattacks on critical energy infrastructure.
  • Build and enhance relationships between energy sector and government cybersecurity managers to increase cyber defense preparedness.
  • Discover strategic and tactical approaches, sources of actionable information, and industry peer connections to apply within their organizations.
  • Networking and educational opportunities continue in perpetuity through continued Alumni engagement and training.
  • Engage in post-fellowship opportunities, including consulting with DOE on research programs and providing insights on the U.S. energy infrastructure to federal agencies.