Lawmakers introduce bill to strengthen energy sector cybersecurity and threat analysis, boost resilience - Industrial Cyber

Attacks and Vulnerabilities Critical infrastructure Industrial Cyber Attacks Malware, Phishing & Ransomware News Regulation, Standards and Compliance Lawmakers introduce bill to strengthen energy sector cybersecurity and threat analysis, boost resilience February 05, 2026 Two U.S. senators introduced legislation to amend the Infrastructure Investment and Jobs Act and to reauthorize the Department of Energy’s Energy Sector Operational Support for Cyberresilience Program, which provides operational support for cybersecurity and resilience across the energy sector. The bill was referred to the House Committee on Energy and Commerce. Titled the ‘Energy Threat Analysis Center Act of 2026,’ the bill aims to strengthen the collective defense, response, and resilience of the U.S. energy sector by deepening collaboration between government and industry to identify, analyze, and mitigate threats to energy systems. The legislation calls for expanded classified and unclassified information sharing, joint threat analysis, and the development of technical infrastructure to support advanced analytics, experimentation, and intelligence-driven collaboration, enabling faster detection, actionable insights, and coordinated threat mitigation across the sector. Introduced on Feb. 2 by Reps. Kathy Castor, a Florida Democrat and ranking member of the Energy Subcommittee, and Gabe Evans, a Colorado Republican, the legislation also seeks to deepen understanding of national security risks and vulnerabilities in the energy sector that adversaries could exploit, while improving visibility into threat actors’ tactics, techniques, and procedures, indicators of compromise, capabilities, and activities that pose risks to energy systems. The bill also proposed that the Secretary may carry out program activity developed and carried out through an Energy Threat Analysis Center, which may be established at one or more physical locations. The bill specifies that the provision of assistance or information under the program would be at the sole and unreviewable discretion of the Secretary. It clarifies that providing assistance or information to any governmental or private entity would not create a substantive or procedural right or benefit for any other entity to receive similar assistance. The bill further states that the program would not be considered an advisory committee under the Federal Advisory Committee Act. Information shared by or with the federal government, or with state, tribal, or local governments under the program, would be deemed voluntarily shared and exempt from disclosure under the Freedom of Information Act and comparable state, tribal, or local public records laws. Such information would be withheld from public release without discretion under applicable federal disclosure exemptions. In addition, the bill would extend the program’s authorization period to cover fiscal years 2027 through 2031. Cyfirma reported a marked rise in cyber threats facing the sector, with energy and utilities organizations featuring in six of 14 observed advanced persistent threat campaigns, up from just two in the prior period, indicating growing adversary focus on critical infrastructure. Its threat telemetry showed predominantly state-linked actors targeting web applications and operating systems across the U.S., Asia, and allied nations, while ransomware victims rose more than 60% and disclosures underscored ongoing remote code execution and growing denial-of-service risks. Anna Ribeiro Industrial Cyber News Editor. Anna Ribeiro is a freelance journalist with over 14 years of experience in the areas of security, data storage, virtualization and IoT. Related Marlink warns surge in satellite spoofing is blinding maritime digital infrastructure, disrupting vessel navigation Stryker rules out ransomware, confirms threat actor used non-propagating malicious file FCC expands Covered List to block high-risk routers and drones, tighten ban on foreign-made connectivity devices Tenable Hexa AI brings agentic automation to exposure management across IT, OT and AI environments NIST expands CSF 2.0 toolkit with quick-start guides aligning cyber risk, risk management, workforce strategy PwC Annual Threat Dynamics 2026 discloses that identity attacks surge as AI reshapes cyber threat landscape Forescout achieves FedRAMP high ATO, strengthens security for converged IT, OT and IoT networks Darktrace introduces Adaptive Human Defense to personalize security training and protection across organizations NetRise Provenance launched to expose open source contributor risk, map impact across software supply chains ISA opens call for ISA113 committee to tackle industrial workflow interoperability challenges across industrial systems