Eight companies providing operational control technologies for the energy sector have signed on to a Group of Seven (G7) pledge to abide by a series of cybersecurity principles according to Anne Neuberger, Deputy National Security Advisor for Cyber and Emerging Technology.

The Supply Chain Cybersecurity Principles were developed through a public-private collaboration between the Department of Energy’s (DOE) Office of Cybersecurity, Energy Security, and Emergency Response (CESER) and the pledge’s signatories, which include Schneider Electric, GE Vernova, Hitachi Energy, Honeywell, Schweitzer Engineering Laboratories, Rockwell Automation, and Siemens Energy.

The G7 is releasing the pledge against the backdrop of Russian attacks on Ukrainian energy infrastructure during its invasion and rising tensions with China, which is prepositioning itself in the critical infrastructure of the U.S. and its Indo-pacific allies.

It also comes as several governments advocate for industry to adopt a secure by design approach through voluntary cybersecurity principles for software development, deployment, and use. This includes the Cybersecurity and Infrastructure Security Agency’s (CISA) Secure By Design Pledge, which currently has 145 signatories, and the United Kingdom Department for Science, Innovation and Technology’s (DSIT) Code of Practice for Software Vendors, which is currently receiving comments through August 9.

The document released by DOE CESER includes a total of 10 principles, accompanied by mirrored, high-level descriptions of how they apply to “suppliers” (i.e., pledge signatories) and “end users” (i.e., energy utilities):

  1. Impact-Driven Risk Management
  2. Framework Informed Defenses
  3. Cybersecurity Fundamentals
  4. Secure Development & Implementation
  5. Transparency & Trust Building
  6. Implementation Guidance
  7. Lifecycle Support & Management
  8. Proactive Vulnerability Management
  9. Proactive Incident Response
  10. Business & Operational Resilience

Moving forward, the White House will host a “second phase” of the agreement aimed at bringing together government stakeholders and private sector companies from G7 nations to share “threat intelligence and doubling down on how companies will implement these cybersecurity principles.” 

Luke O'Grady

Read Next

Cybersecurity Coalition Announces CyberNext Brussels 2025

The Cybersecurity Coalition and Cyber Threat Alliance announced CyberNext Brussels 2025, 5 March 2025, which will discuss key European Union, Member State, and transatlantic cybersecurity policy issues.

NCD Coker Reflects on ONCD’s Successes, Lessons Learned, and Future

In a fireside chat hosted by the Foundation for Defense of Democracies, National Cyber Director Harry Coker reflected the success, experiences, and lessons learned at the Office the National Cyber Director.

Biden’s Latest Cyber EO Bolsters Work Underway, Faces Uncertain Future in Trump Administration

The EO on Strengthening and Promoting Innovation in the Nation’s Cybersecurity attempts to cement many of the cybersecurity priorities started in the Biden Administration and move forward other initiatives to stop new and emerging threats.