U.S. Department of Energy Cyber Security Program: Cyber Security Strategic Plan, Version 1.0 [open pdf - 876KB]
"Over its history, the Department of Energy (DOE) has shifted its emphasis and focus as the needs of the nation have changed. [...] To keep pace with this continually changing environment, the DOE must develop comprehensive, risk-based approaches to protect and support our national security, science, and technology missions. Implementing an agile, effective, and cost-efficient approach to cyber security requires the DOE to develop improved and systematic processes, and to leverage technologies to streamline implementation and improve effectiveness of security controls. In this cost-constrained environment, the Department's leadership needs to balance and prioritize security activities, based on risk and mission, and translate its strategies into effective tactical actions. This Cyber Security Strategic Plan outlines the goals and objectives of the DOE cyber security program to safeguard the DOE's information assets and assure the confidentiality, integrity, and availability of the information vital to achieve the DOE's missions. The details of how the Department will share information, counter new and evolving threats, and develop new methods for protecting information and information systems will be defined in the policies and in the mission-centric Senior DOE Management Program Cyber Security Plans (PCSPs). This strategic plan contains the goals and strategic objectives for the DOE Cyber Security program. Each strategic objective is organized into near-term, mid-term, and long-term element. The elements are 'time boxed' with near-term elements expected to be addressed in the next 12 months, mid-term elements addressed in the next 18-24 months, and the long-term elements addressed in the next three years."
United States Deptartment of Energy: http://energy.gov/